I know there are much more sophisticated encryption schemes than this one that achieve the same goal but I would like to understand any weaknesses in this basic, and probably typical, process:
generate a pair of keys with an asymmetric algorithm of your choice, say RSA.
Generate a random 32 byte string with a good random number generation algorithm say
Crypto.getRandomValues()
of Web Crypto API.Encrypt a file using a good symmetric encryption algorithm, say AES, using the random string referred to in point
2
as the key, creating a binary objectC
.Encrypt the string referred to in point
2
together with some metadata, for example the filename of encrypted file, with the public key generated in point1
creating the binary objectH
.Concatenate the binary objects
H
andC
(in this order) creating a third final binary object which we will call binary objectT
(target).Repeat the process from
2
to5
on a series of different files, say 100, obtaining 100 binary objectsT1
,T2
, ...,T100
which are made public.
Which type of attack, if any, is this process prone to?
Are there any particular algorithmic choices in points 1
, 2
and 3
that make the process more prone to some type of attack?