Asymmetric Encryption on User Data to Allow Unauthenticated Input
Normally I would want to develop an app that encrypts user's data with symmetric encryption (AES 256) from a password based derived key (PBKDF2).
For a new project, I would like the users to be able to add data to their account without authenticating. All they would have to know is their account identifier (username, email, etc).
Could I accomplish this with asymmetric encryption like RSA? Unauthenticated input would be encrypted with an account's public key, and only the account holder could decrypt with their private key.
Would this be an acceptable approach, or am I totally off?
Edit: To clarify, a use case would be the ability for the system itself to generate data on a user's behalf that can only be decrypted by the user. Assumption that the system makes no logs of this.
