Special feature
Two-phase cryptographic key recovery system

https://doi.org/10.1016/S0167-4048(97)84642-1Get rights and content

Abstract

A two-phase method of key recovery which will be referred to as Secure Key Recovery (SKR) is presented. The proposed key recovery system permits a portion of the key recovery information to be generated once and then used for multiple encrypted data communications sessions and encrypted file applications. In particular, the portion of the key recovery information that is generated just once is the only portion that requires public key encryption operations. We also describe a verification mode in which the communicating parties each produce SKR recovery information independently, without checking the other's so produced information. In this mode, if at least one side is correctly configured, all required recovery information is correctly produced. In addition, the communicating parties are free to include any optional recovery fields without causing a false invalidation of what the other parties sent. Further, we present a method of verification of key recovery information within a key recovery system, based on a variation of the three-party Diffie-Hellman key agreement procedure. Without communication with a trustee, the sender is able to encrypt recovery information in such a way that both the receiver and the respective trustee can decrypt it. This reduces the number of encryptions, and inherently validates the recovery information when the receiver decrypts it. The method allows full caching of all public key operations, thus further reducing computational overhead.

References (15)

  • J. Nechvatal

    A Public Key Based Key Escrow System

    Journal of System Software

    (1996)
  • D.E. Denning et al.

    A Taxonomy for Key Escrow Encryption Systems

    Communications of the ACM

    (1996)
  • D.E. Denning et al.

    Key Escrow Encryption Policies and Technologies

    Information System Security

    (1996)
  • J. Kilian et al.

    Fair Cryptosystems, Revisited

  • E.H. Freeman

    When Technology and Privacy Collide. Encoded Encryption and the Clipper Chip

    Information System Management

    (1995)
  • S. Landau et al.

    Crypto Policy Perspectives

    Communications of the ACM

    (1994)
  • J. He et al.

    A New Key Escrow Cryptosystem

There are more references available in the full text version of this article.

Cited by (0)

View full text