LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

How do you send the same encrypted document to two different recipients using hybrid encryption without encrypting the document twice?

Encrypt the document once with a random session key, then encrypt the session key separately with each recipient's public key — send one encrypted document plus two encrypted session keys.

The process:

  1. Generate random session key: $K_S$
  2. Encrypt document once: $c = E_{sym}(K_S, m)$
  3. Encrypt $K_S$ for recipient 1: $K_{S,1} = E_{asym}(K_{pub,1}, K_S)$
  4. Encrypt $K_S$ for recipient 2: $K_{S,2} = E_{asym}(K_{pub,2}, K_S)$
  5. Send: $c \| K_{S,1} \| K_{S,2}$

Why not encrypt the document twice?

  • The document could be huge (e.g., 1 GB video)
  • Asymmetric encryption is ~1000x slower than symmetric
  • Encrypting 1 GB twice with RSA would be extremely slow

With hybrid encryption:

  • The expensive symmetric encryption of the document happens only once
  • Only the small session key (~256 bits) is asymmetrically encrypted per recipient
  • Scales beautifully: for $k$ recipients, add $k$ encrypted session keys (negligible overhead)

This is exactly how PGP/GPG works when you encrypt an email to multiple recipients. The email body is encrypted once; only the session key is encrypted separately for each recipient's public key.

Why this also prevents a cryptanalysis problem (RSA determinism): Textbook RSA is deterministic — the same plaintext encrypted with the same key always produces the same ciphertext. By using a random session key, even sending the same document twice produces different ciphertexts, preventing lookup table attacks.

From Quiz: KRYPTOG / Fundamentals of Cryptography | Updated: Jul 14, 2026