encryption: how to share information between devices, decrypt it later with a private key

I am developing an application for alert people if they meet a positive person covid-19.
I am very concerned about user privacy. So I need to make a user completely anonymous.

What you want is the following.

Suppose there are devices A, B, C,

A, B and C must broadcast their own UUID via Bluetooth
When A, B, and C are close to each other, A will have B, C UUID, and B will get A, C UUID, and vice versa.

Suppose A discovers that A is positive for Covid-19.
A will upload its UUID to a central server B and C also verifies the UUIDs with the server.
When B, C retrieves the UUID list of the infected person B's applications, C will check to see if they match any of the UUIDs downloaded from the server with the locally saved UUID.

But in my case I don't want the server to find the UUID of A. But somehow I need to send the UUID of A to other devices too. What will be the best approach?

My solution.

All devices will generate their own public and private key pairs.
Each application will encrypt its UUID with the public key it has generated and transmit to the other devices encrypted with the public key UUID +.

Once a particular user finds it positive for covid-19, it will upload their private key to the server.
All applications will download all private keys from all Covid positive devices. and check if the applications themselves can decrypt your messages with the private keys they have.

Is this possible? or what will be the best approach.

It is stupid to reveal the private key. And it will also be chaos to find the appropriate public key matching the private key as well … But nevertheless this was the only thing I could think of.

Asymmetric XML encryption (in .NET)

I am trying to decrypt XML EncryptedData in .NET Framework:


As I understand it, I need to implement these steps:

  1. recreate the public key stored in the OriginatorKeyInfo node using the x, y parameters of PublicKey and the specified curve, the result is publicKey
  2. KeyAgreement operation (algorithm: ECDH-ES) using my private key and publicKey from step 1, the result is sharedKey
  3. Key derivation function operation (algorithm: ConcatKDF) using sharedKey, result is wrappingKey
  4. do Key Unwrap (algorithm kw-aes256) in EncryptedKey> CipherData> CipherValue using unwrappingKey, the result is encryptionKey
  5. decrypt (algorithm aes256-gcm) in EncryptedData> CipherData> CipherValue using encryptionKey

I am currently in step 1. Using jose-jwt I can create a public key with EccKey.New(x, y, CngKeyUsages.KeyAgreement), but I don't understand why there is no curve name parameter?
If anyone knows how to make this work or some examples (bouncy castle?) Please comment.

encryption: using Chacha20 with a nonce NULL

I am new to ChaCha20. From the RFC –

The entrances to ChaCha20 are:

o A 256-bit key, treated as a 32-bit eight-bit concatenation.
endian integers.

o A 96-bit nonce, treated as a concatenation of three small 32-bit bits
endian integers.

o A 32-bit block count parameter, treated as a 32-bit little endian

Now looking at Apple's CryptoKit, the counter is not provided as an input option. They implement the counter under the hood. For the sake of this question, suppose the counter is implemented correctly.

The key is set randomly for the encryption session (which is network data encryption).

Now if I use a nonce NULL, the counter is still used. It will be OK?

Is the maximum number of messages that can be encrypted in this way before changing the key is 2 ^ 32? or is it the maximum number of bytes?

encryption: GnuPG decryption does not request a passphrase

Do you store the secret key somewhere and use it (I also stored my secret key in the GnuPG key chain, use it)?

GnuPG only uses keys from its keychain, so should be there to use it.

How can I force the system to ask for the passphrase every time?

Earlier versions of GnuPG used the gpg-agent, which caches the passphrase for a specified time. Use the option --no-use-agent or add a line no-use-agent to ~/.gnupg/gpg.conf to avoid using the agent.

For the latest versions (v2.1 +), disable password caching for the agent by creating ~/.gnupg/gpg-agent.conf and adding the following lines:

default-cache-ttl 1
max-cache-ttl 1

Restart the agent with:

echo RELOADAGENT | gpg-connect-agent

One of the best encryption token providers in the entire encryption market

Visit them for a never-before-seen cryptocurrency trading strategy, world-class Bitcoin Bot, and crypto trading assistance: https://t.me/cryptosignalalert

b9mVxEQ.png "data-src =" https://i.imgur.com/b9mVxEQ.png "src =" https://topgoldforum.com/applications/core/interface/js/spacer.png "/>
<p>	You can see that we are a community that not only provides high-precision signals, but also provides a Crypto Bot that automatically executes those signals on your account (if you enable it)
<p>	You get all the following accesses being our member<br />
	Free access to guaranteed winnings group (49 out of 49 signals have generated big profits)<br />
	Free Crypto Bot access that copies Crypto Signals to your account and makes exchanges<br />
	Commercial Tutorial Videos, Guidance and Commercial Support<br />
	We provide high precision signals for all major exchanges like Binance, Binance.US, Bitmex, Bittrex, Poloniex and many more.<br />
	You can trade on any exchange through our signals: our signals are guaranteed earnings.
<p>  . (tagsToTranslate) crypto (t) bitcoin (t) binance</p>
<div data-id=