I'm considering the following design for the application with client-side encryption
Suppose we have a web application that manages / stores users' confidential business data, and we do not want to know what data is in the backend, no need to count on it, just a store retrieval service running in the front end of the browser most of the work.
The application is also Single Sign On, which is integrated with some of the user account management identity providers and uses one of the standard technologies, such as: B. OIDC, SAML2 (which is exactly my question).
We let the user's browser generate an RSA key pair that is used to protect its own record, possibly using mouse entropy.
Next, I do not want to store the user's private key in the browser, but instead encrypt it with the public IdP key and store it along with the user's simple public key in the application backend, pointing to the user ID.
If an application wants to store user data, it must be encrypted with the public key of the user ID.
When the user needs to retrieve their data, the application asks to log in to IdP, passing the user's encrypted private key into a custom attribute. I want IdP to decrypt and return that user's private key as part of the claim only if the authentication succeeds.
Next, this private key can be used in the browser to decrypt the user data blob and proceed according to business logic
Is it technically possible and which protocol and which function can be used with SSO?
I understand that IdP would know the user's private key. This may be alleviated by running an additional KEK-DEK encryption scheme on the user's private key in the browser.
Do you have any other potential security issues that you can see here?