Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Search
Commercial key recovery
Walker S., Lipner S., Ellison C., Balenson D. Communications of the ACM39 (3):41-47,1996.Type:Article
Date Reviewed: Dec 1 1996

A workable method for providing a key recovery capability for files and other long-term data items that are encrypted with a per-item key is offered.

This paper is a blend of politics (the key-escrow issue) and technology (a way to bind per-item keys to data such as files and messages). The essence of the key recovery idea is to store the per-item key encrypted in a public key belonging to an interested party (a corporation, government agency, or individual user). The private component of the public key is held by whomever the interested party chooses (including him or herself). The public keys are assigned on a per-user basis and are only used for key recovery when the interested party presents proper credentials.

The individual user’s file or message encryption software is fitted with extensions to store the per-item key encrypted with the assigned or selected public key. Then, whenever the interested party is unable to read a data item due to sender or receiver “data blackmail” or more benign causes (such as forgetfulness or a lost or damaged key file), he or she can present the data item to the public key holder along with whatever authority and identification the situation requires. The (secret) public key holder then extracts the per-item key. The paper wanders in and out of the political weeds about whether the government or some ostensibly disinterested third party should or will hold the secret part of the public key.

The paper suggests that the scheme can be made part of a software encryption package that is integrated into one or more applications. The authors make claims, unsupported in the paper, that it is possible to bind the software encryption program and the software key escrow to an application in such a way that extricating oneself from the clutches of the mandatory key escrow is at least as difficult as defeating key escrow in Clipper/Capstone.

The paper is interesting in that it provides a template for key recovery that could be attractive to commercial software vendors and to end users. I recommend it to everyone new to the key escrow idea for a really simple, easily understood description of how it could work. Readers can find the meat of the paper easily enough, and the technical description of how a key recovery scheme could work is first-rate.
Reviewer:  James P. Anderson Review #: CR120096 (9612-0998)
Bookmark and Share
 
Public Key Cryptosystems (E.3 ... )
 
 
Privacy (K.4.1 ... )
 
Would you recommend this review?
yes
no
Other reviews under "Public Key Cryptosystems": Date
Direct demonstration of the power to break public-key cryptosystems
Koyama K.  Advances in cryptology (, Sydney, Australia, Jan 8-11, 1990)211990. Type: Proceedings		 Sep 1 1991
Public-key cryptography
Salomaa A., Springer-Verlag New York, Inc., New York, NY, 1990. Type: Book (9783540528319)		 Feb 1 1992
Computation of discrete logarithms in prime fields
LaMacchia B., Odlyzko A. Designs, Codes and Cryptography 1(1): 47-62, 1991. Type: Article		 Apr 1 1992
more...
E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®
Terms of Use | Privacy Policy