I have a server app that stores encrypted payload ($textPayload) that users encrypted on their side (The server is just stores is and serves it).
Users can use multiple encryption keys for different payloads ($textPayload)- the server doesn't know.
I am thinking about how to implement editing.
One approach I came up with was generating a random string ($editTokenPlain) on the client, encrypting it ($editToken) with the same key and storing both $editTokenPlain and $editToken next to the sensitive encrypted payload ($textPayload).
Then user would receive the edit token($editTokenPlain), encrypt it and send it together with the edited payload and if the encrypted token matched the encrypted value on the server - then the payload would be updated.
My question is: If I have 2 encrypted texts($textPayload,$editToken) with the same encryption key (using AES) and 1 decrypted text $editTokenPlain - can someone derive the encryption key?
