Showing papers on "Key escrow published in 2000"

Method for preventing inadvertent betrayal by a trustee of escrowed digital secrets

Abstract: The invention employs a voluntary identification/definition phase performed, for example, shortly after a computer is purchased, and a secret information retrieval phase. In the definition phase, the true owner/customer defines an escrow record which provides self-identification data together with encrypted password data. The present invention prompts a user to voluntarily escrow password or other secret information for later retrieval by entering a series of information uniquely describing himself or herself. The identification indicia is combined with the secret information (such as the user's encryption password) and is then encrypted under the control of the trustee's public key. The combined information may be encrypted, for example, under a random symmetric key (such as DES) which is then encrypted under the trustee's public key. After unique identification data has been entered, the user is asked to select a password to protect the system. Thereafter, all the personal identifying data, together with the password, is encrypted with the trustee's public key and is stored, for example, in the user's computer as an escrow security record. The password is then used to encrypt all data on the user's disk. If at some point in time in the future, the user forgets the password, the retrieval phase of the applicant's invention is performed. Under such circumstances, the user contacts the trustees, e.g., the vendor or manufacturer. The trustee utilizes documentary, evidence presented by the alleged legitimate user and determines whether such evidence matches with the previously encrypted escrow information stored in the escrow record created by the user. If they agree, then the trustee has confidence that the true owner is making the request, and that revealing the secret key will not betray the owner's interest.

Method and system in electronic commerce for inspection-service-based release of escrowed payments

Abstract: A method, apparatus, system, or computer program product facilitates trustworthy electronic commerce by providing an inspection-service-based release of an escrowed payment for a transaction involving physical goods. An inspection service stands as an independent party at the onset of the transfer of goods between the buyer and the seller. In an attempt to reduce fraudulent behavior by the buyer or the seller, an inspection service inspects the goods, preferably at the point of shipment. A description of the goods has been previously stored in a transaction record that has been previously created within an escrow service. The inspection service may electronically retrieve the description of the goods from the escrow service. The inspection service then determines whether the description of the goods is acceptably similar to the actual condition or type of the goods and generates a certification if they are acceptable similar. The inspection service may then electronically notify the escrow service of the certification, and the escrow service may release the escrowed payment if the goods are accepted by the other party.

Method and apparatus for regenerating secret keys in Diffie-Hellman communication sessions

Abstract: A system and method for regenerating secret keys that have been used to encrypt communications between two parties are disclosed. The system and method involve securely escrowing only one of the private values that the parties use in a Diffie-Hellman exchange to establish secure communications between the parties. The public value for each communication session is controlled after the escrow of the private value, and the secret keys are regenerated from the escrowed private value and the controlled public values. The escrowed private value is transmitted to the escrow center with full proof of security and authenticity, and the escrowed private value can be changed and re-sent to the escrow center.

Technique for electronic funds escrow

Abstract: A system, method and article of manufacture for integrated event tracking of an electronic escrow transaction. An instruction is received from a purchaser, via a network, to effect an electronic escrow transaction. The electronic funds escrow transaction arises out of a sale between a purchaser and a seller for goods or services purchased via a network. To effect the electronic escrow transaction, network communications are directed with each of the seller, the purchaser, and a financial institution. Each of these communications associated with effecting the electronic escrow transaction is stored in a memory.

Tax escrow system for independent contractors

Abstract: The system ensures the timely payment of taxes due a taxing authority while protecting the solvency of an independent service provider. The contracting entity retains a third-party escrow manager who oversees payments made by the contracting entity to an independent service provider. The third-party escrow manager estimates tax liability owed by the independent service provider to a tax authority based upon data provided to the third-party escrow manager by the independent service provider. The third-party escrow manager deposits a portion of monies owed to the independent service provider by the contracting entity for services provided in an escrow account. The escrow account is used by the independent contractor to pay monies owed to the taxing authority in a timely manner when due.

Escrow trade agency system

Abstract: An escrow transaction commission system 1 of the present invention is characterized by including escrow account specifying means 50 for allowing a buyer to specify an escrow account for depositing escrow money, money sending instructing means 51 for instructing a buyer specified financial institution 11 to send the escrow money to the escrow account, receipt verification transmitting means 52 for receiving verification of receipt of money from an escrow bank when the escrow cost is deposited in the escrow account, and then transmitting this receipt verification to a supplier, delivery verification receiving means 53 for receiving delivery verification of escrow target goods from the buyer when the supplier delivers the escrow target goods, and payment instruction transmitting means 54 for transmitting a payment instruction to the escrow bank to pay the escrow cost to a supplier specified financial institution 10 when the delivery verification is received.

A Key Escrow Scheme with Time-Limited Monitoring for One-Way Communication

Abstract: This paper studies several of the properties necessary for public key based escrow schemes, and observes that previous schemes lack some important properties. Focusing on the type of communication typified by e-mail, we construct a novel and simple scheme that provides “warrant bounds”, “admissibility”, “surveillance switching”, “non-directive monitoring”, “off-line agency”, “target hiding” and many other useful properties all at the same time.

Key escrow system

Abstract: PROBLEM TO BE SOLVED: To provide a key escrow system that an investigation agency utilizing a mobile terminal can intercept communication in real time even without a key storage agency adopting the key escrow system. SOLUTION: The key escrow system introduces a proxy server(P) to which a key delivery server(KDS) always distributes a session key for encryption communication between users at the same time. The proxy server(P) stores the encrypted key distributed from the key delivery server(KDS). When the investigation agency (I) commands delivery of a session key with a license or search warrant of a court, the proxy server(P) requests the key delivery server(KDS) to authenticate an investigation agency terminal making the command and to authenticate whether or not a target person is correct. The proxy server (P) delivers the session key encrypted by a public key of the investigation agency (I) to the investigation agency (I). COPYRIGHT: (C)2002,JPO

Method for key escrow in a communication system and apparatus therefor

Abstract: Method of monitoring a secure encrypted communication, where the encryption key(s) is recovered by an escrow center having a master and multiple agents and the master receives the key encrypted using a mask scheme. Independent random masks are generated, which are then used to create dependent masks for each agent. The agents receive the mask information but no key information. The agents decide whether to allow the interception of an encrypted message. In response to the agents' decisions, the master is either enabled to recover the key or prevented from recovering the key. Encrypted key information is only available to the master. Multiple combinations of agents will provide sufficient information to the master to recover the key, avoiding the hold-out problems of the prior art. In one embodiment, multiple masters provide back-up protection when a master is unavailable.

Key Recovery System for the Commercial Environment

Abstract: We propose an efficient, scalable, flexible key recovery solution for use in commercial environments. Our scheme takes a new approach in the design of key recovery systems, called hybrid key escrow. We shall demonstrate the claims by comparing the computation and communication requirements for our proposal with the key recovery solution implemented by IBM.

Partial Key Escrow Monitoring Scheme

Abstract: During (partial) key escrow, monitoring is a vital phase. So how to monitor a user safely and efficiently is a very important problem. According to the known monitoring schemes, after a user is monitored, his secret key is known. It is unfair to an honest user. In this paper, the authors propose a monitoring scheme of a typical partial key escrow scheme. In this scheme, the escrowed key of a user is not compromised even if the user has been monitored for many times.

Time-lock puzzle with examinable evidence of unlocking time (Transcript of discussion)

Abstract: Good afternoon. I’ll be sticking to the auditability theme. This is about a protocol which was proposed by Rivest, Shamir and Wagner. It’s a timelock puzzle and to start with I will look at what is a timelock puzzle and what is its use, and then look at the RSW scheme, and then it will be an obvious requirement for auditability, to establish that the puzzle can really be solved within the stated time. Before going into details I look at what the puzzle actually is. It is timedrelease cryptography, which takes a very long time, or any specifiable length of time, to solve. Once it’s solved you then know some bits of crypto. It is based on RSA, and now there is argument about how to name RSA, somebody says it’s the alleged trademark of the cryptography used, so somebody else says it’s secret order, like discrete logarithm, address the problem rather than the inventor’s name. Now the applications of time-release cryptography. Obviously there are several, say a bidder wants to seal a bid for a bidding period, another thing is sending messages to the future, a secret to be read in 50 years’ time, and another thing is key escrow architecture. Key escrow is this thing where there is a requirement to escrow some keys so that they can be recovered, and the danger is vast scale intrusion. So with timed-release cryptography it will take some time to produce a key, although we mustn’t waste a tremendous amount of time, but vast scale penetration becomes infeasible, becomes an individual criminal does not have the resources, so this is an example of a real application. Now look at the RSW scheme. It is based on a secret order to an element. Suppose Alice has a secret to encrypt with a timelock puzzle for t units of time to solve. She generates two big primes p, q and multiplies them to obtain n, and then picks a random session key K and encrypts with this the message M using conventional key cryptography to get CM . Then she encrypts the session key K using RSA, by adding a modulo n to give CK . Here a is a random element and this exponent e is defined as 2 mod φ(n) where t is the number of timesteps needed to solve the puzzle. Since Alice generated p and q she can compute this e easily, whereas without knowing the factorization you cannot compute φ(n). Now CM and a and CK are published, so this triple becomes the timelock puzzle. So if we analyse it we know that to decrypt messageM from CM you need obviously the correct key, assume this, and to decrypt K from CK you need to compute a mod n. Without knowing the factorization of n it seems that the only known way to compute a is by a repeated squaring of a, so that is t multiplications.

Scheme of Secure Key Escrow in Electronic Commerce Based on PKI

Abstract: Certificate authority and key escrow agent are the two key components of PKI (public key infrastructure) To prevent the user from evading key escrow and protect the escrowed private key, an escrow scheme of Electronic Commerce was researched based on PKI This paper first discussed the concept of key escrow and key escrow agent, then made some researches on key escrow system, including its components and structure It analyzed the relationship between the digital certificate and the escrowed key On the basis of it, an escrow scheme based on discrete logarithm was presented It also described the operation process of sending and receiving message of the user, and how the government can obtain the plain text from the ciphertext with the help of escrow agent

Two-Party Shared RSA Key Against Cheater

Abstract: Generation of two-party shared RSA keys is an important cryptographic protocol. The protocol is applied in key escrow and has a number of other important appli cations. N.Gilboa presented a protocol of two-party shared RSA key generation. The protocol is efficient, but it cannot preclude either party from active cheat ing. Based on that protocol, a new protocol of two-party shared RSA key generat ion is presented against cheater.

Key escrow and group communication method

Abstract: PROBLEM TO BE SOLVED: To conduct group communication among three parties according to the El Gamal encryption, without preliminary communication. SOLUTION: A center 1 discloses an elliptic curve E on a finite field GF (q) and points P and Q on E to the public. Users A, B, and C have secret random numbers (integers) a, b, and c, respectively, and discloses public keys PA (=a*P), PB (=b*P), PC (=c*P), QA (=a*Q), QB (=b*Q), and QC (=c*Q) to the public. A transmitter finds a common key using Weil pairing to Tate pairing, according to the disclosed information and his/her own secret key. The transmitter adds the common key to a message M and sends the result. A receiver calculates a common key according to the public information and his/her own secret information, and decodes the message M. Thus, El Gamal encryption communication can be conducted among three parties, without preliminary communication. COPYRIGHT: (C)2002,JPO