Decrypt stored secret using HTTPS transport

Question

I am considering developing a software for safely storing files on a server.

Let's say I have a secret document initially stored on my client computer that I want to upload to the server. The requirements here is that the file on the server should be encrypted at all times and since the private key is on the client, it is unreadable for anyone accessing the server directly. Maybe I can do it with javascript or maybe I need to develop a full fledged app to handle the upload. Either way is OK but I need to be able to download and decrypt the file using web browser only.

This got me thinking. Can I configure HTTPS (SSL) in a way that I can precalculate the encrypted response from server to client. In that case I can do that while uploading and when the document is requested I can just return the pre-encrypted data which will be decrypted by the SSL stack on the client.

I know that the there will be a random number exchange that prevents this. But is there a way to configure SSL so that the response from server to client will be the same always. In this case replay attacks from server to client is acceptable and not an issue.

Answer 1

In an SSL handshake, the client generates the pre-master secret that will be used to derive the session key. Since you appear to have control only over the server, you cannot prevent the client from steering the conversation in a particular (cryptographic) direction.