
Showing papers on "Key escrow" published in 2002


Book ChapterDOI
15 Aug 2002
TL;DR: In this article, an efficient identity based signature scheme based on pairings whose security relies on the hardness of the Diffie-Hellman problem in the random oracle model was proposed.
Abstract: We develop an efficient identity based signature scheme based on pairings whose security relies on the hardness of the Diffie-Hellman problem in the random oracle model. We describe how this scheme is obtained as a special version of a more general generic scheme which yields further new provably secure identity based signature schemes if pairings are used. The generic scheme also includes traditional public key signature schemes. We further discuss issues of key escrow and the distribution of keys to multiple trust authorities. The appendix contains a brief description of the relevant properties of supersingular elliptic curves and the Weil and Tate pairings.

500 citations


Posted Content
TL;DR: The first verifiable encryption scheme that provides chosen ciphertext security and avoids inefficient cut-and-choose proofs was proposed in this paper, based on Paillier's decision composite residuosity assumption.
Abstract: This paper addresses the problem of designing practical protocols for proving properties about encrypted data. To this end, it presents a variant of the new public key encryption of Cramer and Shoup based on Paillier's decision composite residuosity assumption, along with efficient protocols for verifiable encryption and decryption of discrete logarithms (and more generally, of representations with respect to multiple bases). This is the first verifiable encryption system that provides chosen ciphertext security and avoids inefficient cut-and-choose proofs. The presented protocols have numerous applications, including key escrow, optimistic fair exchange, publicly verifiable secret and signature sharing, universally composable commitments, group signatures, and confirmer signatures.

27 citations


Patent
03 Apr 2002
TL;DR: A method of protecting privacy while revealing data includes posting a question, posting a plurality of public keys in response to the question, where the product of the public keys matches a value given as part of the question and where a private key corresponds to one of the public keys.
Abstract: A method of protecting privacy, while revealing data, includes: posting a question; posting a plurality of public keys in response to the question, where a product of the public keys matches a value given as part of the question, and where a private key corresponds to one of the public keys; encrypting a message with one of the public keys; sending the encrypted message; and if the encrypted message was encrypted with the public key with the corresponding private key, then decrypting the encrypted message. An apparatus for protecting privacy, while revealing data, includes: a first computer configured to post a question; a second computer configured to post a plurality of public keys in response to the question, where a product of the public keys matches a value given as part of the question, and where a private key corresponds to one of the public keys, where the first computer is further configured to encrypt a message with one of the public keys and send the encrypted message, and where the second computer is further configured to decrypt the encrypted message if the encrypted message was encrypted with the public key with the corresponding private key.

17 citations


Proceedings Article
01 Jan 2002
TL;DR: This work proposes a hybrid system utilizing secure key escrow, de-identification, and role-based access for IRB approved researchers, in order to provide researchers with anonymized data from a clinical research database.
Abstract: Access to clinical data is of increasing importance to biomedical research. The pending HIPAA privacy regulations provide specific requirements for the release of protected health information. Under the regulations, biomedical researchers may utilize anonymized data, or adhere to HIPAA requirements regarding protected health information. In order to provide researchers with anonymized data from a clinical research database, we reviewed several published strategies for de-identification of protected health information. Critical analysis with respect to this project suggests that de-identification alone is problematic when applied to clinical research databases. We propose a hybrid system utilizing secure key escrow, de-identification, and role-based access for IRB approved researchers.

15 citations


Posted Content
TL;DR: Ateniese et al. as mentioned in this paper investigated a number of issues related to identity-based authenticated key agreement protocols using the Weil or Tate pairings, including how to make protocols efficient, how to avoid key escrow by a Trust Authority (TA) who issues identity based private keys for users, and how to allow users to use different Trusted Authorities.
Abstract: We investigate a number of issues related to identity based authenticated key agreement protocols using the Weil or Tate pairings. These issues include how to make protocols efficient, how to avoid key escrow by a Trust Authority (TA) who issues identity based private keys for users, and how to allow users to use different Trusted Authorities. We describe a few authenticated key agreement (AK) protocols and AK with key confirmation (AKC) protocols which are modified from Smart's AK protocol [Sm02]. We study the security of these protocols heuristically and using provable security methods. In addition, we prove that our AK protocol is immune to key compromise impersonation attacks, and we also show that our second protocol has the TA forward secrecy property (which we define to mean that the compromise of the TA's private key will not compromise previously established session keys). We also show that this TA forward secrecy property implies that the protocol has the perfect forward secrecy property.

13 citations


Patent
02 Jan 2002
TL;DR: In this paper, a Pseudo-Random Number Sequence (PRNS) segment is used to provide an encrypted link between two or more stations, where a mixing function is used at one station to combine a locally created stream of truly random bytes with a portion of this unique PRNS segment, yielding a fresh stream of random data.
Abstract: A variant on the 'One Time Pad' cipher is used to provide an encrypted link between two or more stations. The main feature of this variant is the use of a unique and easily created Pseudo-Random Number Sequence (PRNS) segment not having any internal repeats. At one station, a mixing function is used to combine a locally created stream of truly random bytes with a portion of this unique PRNS segment, yielding a fresh stream of truly random data. This freshly created stream of truly random data is operated on in such a way as to create a new and unique PRNS element set which is used to control the functioning of a PRNS generator. The PRNS generator is used to create a new and unique PRNS segment which has a repeat period much longer than the length of the PRNS element set used to create it. It is then useful to treat the PRNS element set as a message and transfer it across the encrypted link to other stations. In this fashion, this OTP cipher variant can be re-keyed and used for as long as there is a continuing source of truly random data available at one of the stations on the network. This technique of using unique and freshly created PRNS segments rather than the classic One Time Pad allows encrypted networks to function independently of any central key distribution regimens or Public Key Infrastructures, making such an encrypted network proof against security breaches perpetrated upon, or key escrow schemes propagated through, such external key distribution infrastructures. This technique also provides certain securities against willful betrayals by tempted users or coerced revelations by users under duress.

13 citations


Patent
21 Jan 2002
TL;DR: In this article, the authors proposed a cryptosystem where the trusted third party responds to a challenge from a user by issuing a response (RES) which encapsulates the corresponding private key (X_A2, X_B2) so that the user can use the response in combination with the private key it already holds to decrypt or sign a message.
Abstract: Users (A, B) of a cryptosystem send and receive messages with the help of a trusted third party (TTP) using private keys (X) and public keys (P) which encapsulate said private keys. Each user (A, B) holds a private key (X_A1, X_B1) and the third party is entrusted with a corresponding private key (X_A2, X_B2) for each user. The trusted third party responds to a challenge (CHA) from a user by issuing a response (RES) which encapsulates the corresponding private key (X_A2, X_B2) so that the user can use the response in combination with the private key (X_A1, X_B1) it already holds to decrypt or sign a message. The response takes the form mod p, where r is a private parameter, p is a public system parameter (e.g. a large prime) and H is an exponent function (e.g. a one-way, collision-resistant hash function). The message (e) is then decrypted to obtain the original message (m) via m = e mod p. This system removes the need for key escrow or Public Key Infrastructure (PKI) since the trusted third party is required to know only a private key corresponding to the private key of each user, rather than the user's private key itself.

9 citations


Journal ArticleDOI
TL;DR: An efficient, scalable, certification-based key recovery system that is a hybrid of the key escrow and key encapsulation techniques and possesses the properties required for commercial key recovery systems is proposed.
Abstract: We propose an efficient, scalable, certification-based key recovery system that is a hybrid of the key escrow and key encapsulation techniques. The proposed key recovery system is highly flexible and can be employed in a variety of policy environments. It possesses the properties required for commercial key recovery systems. We demonstrate the claims by comparing the computation and communication requirements for our proposal with a key recovery solution implemented by IBM.

7 citations


Journal Article
TL;DR: A multistage threshold key escrow scheme, based on the ElGamal public key cryptosystem and Shamir's threshold method, which can effectively resist subliminal channel attacks, prevent the supervision agency from having too much power, verify the secret pieces of the user's private key, and disclose failed or corrupted escrow agents.
Abstract: Proposes a multistage threshold key escrow scheme, based on the ElGamal public key cryptosystem and Shamir's threshold method. This scheme can effectively resist subliminal channel attacks, prevent the supervision agency from having too much power, verify the secret pieces of the user's private key, and disclose failed or corrupted escrow agents.

5 citations


Patent
18 Mar 2002
TL;DR: In this article, a method for access to data or documents receives the document or data in encrypted format, receives access policy data relating to the data or document, reads the access policies data and verifies individual conditions specified in the access policy, and allows decryption of the data and document if the conditions are successfully verified.
Abstract: A method for access to data or documents receives the document or data in encrypted format, receives access policy data relating to the data or document, reads the access policy data and verifies individual conditions specified in the access policy data, and allows decryption of the data or document if the conditions are successfully verified. The method uses a secure control apparatus which includes a key escrow component to safeguard private keys. There may also be a policy enforcement and key management device in a separate tamper-proof casing, the device preferably including a communications port, a policy enforcement component, an identification component and a tamper detection component.

5 citations


Journal ArticleDOI
TL;DR: In this article, the authors studied several properties necessary for public key based escrow schemes, and observed that previous schemes lack some important properties such as "warrant bounds", "admissibility", "surveillance switching", "non-directive monitoring", "off-line agency", "target hiding", etc.
Abstract: This paper studies several of the properties necessary for public key based escrow schemes, and observes that previous schemes lack some important properties. Focusing on the type of communication typified by e-mail, we construct a novel and simple scheme that provides “warrant bounds”, “admissibility”, “surveillance switching”, “non-directive monitoring”, “off-line agency”, “target hiding” and many other useful properties all at the same time.


Journal Article
TL;DR: A threshold key escrow scheme based on the ElGamal cryptosystem that solves the problem of "once monitor, monitor for ever", and also solves Shamir's problem.
Abstract: In order to protect sensitive information against unauthorized interception, communications can be encrypted before they are transmitted and decrypted upon receipt. At the same time, encryption is also used to conceal criminal and terrorist activities. On April 16, 1993, the U.S. Government announced a new encryption initiative aimed at providing a high level of communication security and privacy without jeopardizing effective law enforcement, public safety, and national security. The initiative is based on a special tamper resistant hardware encryption device (Clipper Chip) and a key escrow system. In most existing (threshold) key escrow schemes, the monitor agency first recovers the system key and then decrypts the LEAF to obtain the session key. Once the monitor agency monitors a user, it may monitor the communications of all users, namely "once monitor, monitor for ever". In this paper, we propose a threshold key escrow scheme based on the ElGamal cryptosystem. In our scheme, every escrow agency gets a sub-message using its secret shadow. Each time, the monitor agency can recover the whole message (session key) by using k sub-messages, but nothing about the whole message can be obtained when the number of sub-messages is less than k. The attacker cannot get any information about the system key or secret shadows from the known sub-messages. The proposed scheme not only solves the problem of "once monitor, monitor for ever", but also solves Shamir's problem. In the scheme, every escrow agency can verify the correctness of the secret shadow that it escrows during secret shadow distribution, and the monitor agency can exactly decide which escrow agency forges or tampers with a secret shadow during the monitor procedure. Thus the scheme has the property of robustness. Since the proposed scheme is a threshold key escrow scheme, the monitor agency can easily reconstruct the session key sk when an escrow agency or a few agencies are not cooperating. In addition, it can also resist LEAF feedback attacks.

Journal Article
TL;DR: Based on a general secret sharing scheme, Feldman's VSS scheme is extended to the case of arbitrary monotone access structures, and a secure and efficient general VSS protocol is proposed.
Abstract: Verifiable secret sharing (VSS) is a very important tool in cryptography and information security. Many threshold VSS schemes are available in the literature, but only a little attention has been paid to general VSS. In this paper, the problem of general verifiable secret sharing is considered. Based on a general secret sharing scheme, Feldman's VSS scheme is extended to the case of arbitrary monotone access structures. A secure and efficient general VSS protocol is proposed. The newly proposed protocol is non-interactive, and has the best information rate. It may have practical applications in many areas, such as key escrow, group oriented cryptography, and fault-tolerant secure computation.

Book ChapterDOI
16 Dec 2002
TL;DR: Requirements for the security and trustworthiness of the identity escrow scheme are suggested and a new mechanism is proposed to satisfy them; an improved mechanism able to support key escrow in encrypted communication using the key generated by key agreement among users in the same domain is also proposed.
Abstract: When a user and a service provider carry out the authentication process, the user's identity may be exposed, and this issue has become a serious social problem. To solve this problem, the identity escrow scheme is suggested. In the identity escrow scheme, the issuer who has the accurate user identity safely transmits anonymous authentication information to the user and, by utilizing this information, the user proceeds through the authentication steps with the service provider while keeping anonymity. In this thesis, requirements for the security and trustworthiness of the identity escrow scheme are suggested and a new mechanism is proposed to satisfy them. Also, methods for a service provider to safely transmit contents to the user, and an improved mechanism able to support key escrow in encrypted communication using the key generated by key agreement among users in the same domain, are proposed.

Journal ArticleDOI
TL;DR: An efficient key distribution system for wireless communication using escrow is proposed in order to satisfy the requirements, and a key recovery function is supplemented to prevent side effects of cryptography.
Abstract: Wireless communications require a cryptography system which satisfies the opposing purposes of safety and efficiency. In this paper we propose an efficient key distribution system for wireless communication using escrow in order to satisfy these requirements. We supplement a key recovery function to prevent side effects of cryptography, and it is possible to check verification. Also, little information is transmitted, so the system is efficient. The proposed key recovery method can be applied to various application fields.