I am writing a C#.net application. For my application the data of the users should be encrypted in the database. The users should also be able to share data with other users. To that end I want to use RSA encryption.
My intended implementation is as follows: The public key of the user is stored in the database. Data that is to be shared with another user is encrypted with that user's public key and stored in the database. Now, here are two problems I am facing with this approach:
1.) I want the public/private key pair to be derived from the user password so as to not have it stored anywhere unsafely on disk. Whenever the user logs into the application, the private key is derived and user data can be de-/encrypted. My question is, how can I derive an RSA key pair from the password?
2.) If the user resets their password, no previously encrypted data can be decrypted anymore, as that would require the user's old password in order to derive the private key. As far as I know, one solution to this problem is to encrypt/decrypt using a randomly generated data encryption key that doesn't ever change, and to then encrypt that key using a password-based key. But then how can a user share encrypted data with other users? For that the user would have to also share their password-based key in order to grant access to the public data encryption key, which obviously is against the whole point of encryption.
So, how do I go about reconciling and solving both of these issues?
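
An added example, not part of the original post: one common way to apply the key-wrapping idea from point 2 to RSA is to generate the key pair randomly and store the private key encrypted under the password (encrypted PKCS#8), instead of deriving the pair from the password. `UserKeys`, `KeyVault`, the passwords and the iteration count are hypothetical, constructed values; the code assumes .NET 6 or later and a password change where the old password is still known.

```csharp
using System;
using System.Security.Cryptography;

// Demo with constructed values: a data key is shared with Alice, then she changes her password.
var alice = KeyVault.Register("old password");
byte[] dataKey = RandomNumberGenerator.GetBytes(32);
byte[] shared = KeyVault.EncryptFor(alice, dataKey);
alice = KeyVault.ChangePassword(alice, "old password", "new password");
Console.WriteLine(KeyVault.Decrypt(alice, "new password", shared).AsSpan().SequenceEqual(dataKey));

// Hypothetical per-user record as it would be stored in the database.
record UserKeys(byte[] PublicKey, byte[] WrappedPrivateKey);

static class KeyVault
{
    // Password-based encryption parameters for the wrap; the iteration count is an assumed value.
    static readonly PbeParameters Pbe =
        new(PbeEncryptionAlgorithm.Aes256Cbc, HashAlgorithmName.SHA256, 600_000);

    // Registration: random key pair, private half stored only in password-encrypted form.
    public static UserKeys Register(string password)
    {
        using var rsa = RSA.Create(3072);
        return new UserKeys(rsa.ExportSubjectPublicKeyInfo(),
                            rsa.ExportEncryptedPkcs8PrivateKey(password, Pbe));
    }

    // Password change: unwrap with the old password, re-wrap with the new one.
    // The public key and everything already encrypted to it stay untouched.
    public static UserKeys ChangePassword(UserKeys keys, string oldPassword, string newPassword)
    {
        using var rsa = RSA.Create();
        rsa.ImportEncryptedPkcs8PrivateKey(oldPassword, keys.WrappedPrivateKey, out _);
        return keys with { WrappedPrivateKey = rsa.ExportEncryptedPkcs8PrivateKey(newPassword, Pbe) };
    }

    // Sharing: the sender needs only the recipient's public key, never a password.
    public static byte[] EncryptFor(UserKeys recipient, byte[] data)
    {
        using var rsa = RSA.Create();
        rsa.ImportSubjectPublicKeyInfo(recipient.PublicKey, out _);
        return rsa.Encrypt(data, RSAEncryptionPadding.OaepSHA256);
    }

    // Login: the private key exists in memory only after unwrapping with the password.
    public static byte[] Decrypt(UserKeys keys, string password, byte[] ciphertext)
    {
        using var rsa = RSA.Create();
        rsa.ImportEncryptedPkcs8PrivateKey(password, keys.WrappedPrivateKey, out _);
        return rsa.Decrypt(ciphertext, RSAEncryptionPadding.OaepSHA256);
    }
}
```

RSA-OAEP can only encrypt a short payload, so the value encrypted to the recipient here is a random data key; the shared record itself would be encrypted with that key under a symmetric cipher.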