Key escrow

About: Key escrow is a research topic. Over the lifetime, 1162 publications have been published within this topic receiving 19616 citations.

Managing session secrets for continuous packet capture systems

Abstract: Embodiments are direct to monitoring communication between computers may be using network monitoring computers (NMCs). Network packets that are communicated between the computers may be captured and stored in a data store. If the NMCs identify a secure communication session established between two computers, the NMCs may obtain key information that corresponds to the secure communication session that includes a session key that may be provided by a key provider. Correlation information associated with the secure communication session may be captured by the NMCs. The correlation information may include tuple information associated with the secure communication session. And, the key information and the correlation information may be stored in a key escrow. The key information may be indexed in the key escrow using the correlation information.

Certificate-based Anonymous Authentication Protocol for Vehicular Ad-hoc Network

Abstract: Certificate-based Cryptography (CBC) combines the advantages of ID-based cryptography (implicit certification) and traditional PKI approach (no key escrow). Based on CBC, an anonymous authentication protocol featured with conditional privacy preservation and non-repudiation is proposed for vehicular ad-hoc network. First, a certificate-based signature scheme with only one pairing computation and only one element signature is proposed. Then, an anonymous authentication protocol is constructed by applying the proposed signature scheme and a novel concept called the account index which helps to realize On-Board Units anonymity, non-reputation, and conditional privacy preservation. A secure session key is established in the protocol which provides perfect forward secrecy.

On solutions to the key escrow problem

Abstract: The first part of this paper is devoted to explaining what key escrow is and why it exists, and attempts to put it into a historical context. The subsequent focus is primarily on key escrow schemes which will work in an international environment. The possibility of using conventional key distribution techniques to provide key escrow services in an international context is first considered, and the associated problems are explored. The 'Royal Holloway' (RH) key escrow scheme is then described in a way which is intended to clarify and motivate its design, and the properties of this scheme and some related schemes are considered.

Certificateless Deniable Authenticated Encryption for Location-Based Privacy Protection

Abstract: Deniable authenticated encryption (DAE) is a cryptographic primitive that supports data confidentiality with deniable authentication in an efficient manner. The DAE plays a significant role in location-based service systems for privacy protection. In this paper, we construct a certificateless DAE (CLDAE) scheme. The CLDAE is based on certificateless cryptosystems (CLCs), which avoids the need to manage public key certificates in public key infrastructure (PKI)-based cryptosystems and key escrow problems in identity-based cryptosystems (IBCs). Our design utilizes hybrid methods: tag-key encapsulation mechanism (TKEM) and data encapsulation mechanism (DEM). This technique is more suitable for location-based applications. We show how to construct a CLDAE scheme utilizing a certificateless deniable authenticated tag-KEM (CLDATK) and a DEM. We also design a CLDATK scheme and provide formal security proof using the random oracle model (ROM). We conduct a comprehensive performance analysis, which shows that CLDAE is highly efficient in terms of communication overhead. We also provide an application of the CLDAE for a location-based service (LBS) system.