Key escrow

About: Key escrow is a research topic. Over the lifetime, 1162 publications have been published within this topic receiving 19616 citations.

Cryptographic key recovery

Abstract: Internet/intranet security has witnessed an explosive and exciting growth in the past two years. Under the surface of excitement lies a mine of technical and commercial challenges. Without solving these challenges, secure systems will not reach their expected potential. Security can be achieved via encryption. Encryption uses "keys" to encrypt and decrypt the information. Without having the cryptographic key, the enciphered information will never be converted into its original text. In case of key loss or damage or forgetting the key password, there should be a mechanism to recover the cryptographic keys and decipher the encrypted information. This paper describes a key recovery mechanism to facilitate the recovery of encryption keys and encrypted data. The mechanism does not require keys to be escrowed. It is based on adding an extra small field-the Key Recovery Entry (KRE)-to a message or file being transmitted. This mechanism facilitates key recovery both for session keys in symmetric cryptographic systems and private keys in asymmetric cryptographic systems without any need to escrow any key information. The author makes the differentiation between key escrow and key recovery.

A unified security framework for multi-domain wireless mesh networks

Abstract: The research issues of large scale wireless mesh networks (WMNs) have attracted increasing attention due to the excellent properties of WMNs. Although some proposals for WMN security framework with different security aspects have been put forward recently, it is a challenging issue of employing uniform public key cryptography to maintain trust relationships flexibly among domains and to achieve key-escrow-free anonymous access control. In this paper, a unified security framework (USF) for multi-domain wireless mesh networks is proposed, which unifies id-based encryption and certificateless signature in a single public key cryptography context. Trust relationship between different domains and anonymous access control of wireless clients can be realized by employing of cryptography operations on bilinear groups. To achieve perfect forward secrecy and attack-resilience, trust domain construction methods and authentication protocols are devised within the security framework without key escrow.

A Certificateless Authenticated Key Agreement Scheme for the Power IoT

Abstract: Power Internet of Things (IoT) is the application of IoT technology in the field of power grid, which can better control all kinds of power equipment, power personnel and operating environment. However, access to mass terminals brings higher requirements for terminal authentication and key management for the power IoT. And the traditional public key infrastructure (PKI) and identity-based public key cryptography (IB-PKC) exist the problems of certificate management and key escrow. Therefore, the paper proposes a novel authenticated key agreement scheme based on the certificateless public key cryptography (CL-PKC) mechanism. In addition, the proposed scheme is proven with the improved extended Canetti-Krawczyk (eCK) security model. Finally, the implementation of the authenticated key agreement protocol is given based on the actual application requirement of the power IoT, and the analysis and comparison of the simulation demonstrates that the proposed scheme has higher efficiency and would be suitable for the power IoT.

Certificateless Partially Blind Signatures

Abstract: Partially blind signature is a variant of blind signature. It allows a signer to explicitly include common information in a blind signature under some agreement with a receiver. It provides anonymity of users in applications such as electronic voting and electronic payment systems. While certificateless public key cryptography eliminates the key escrow problem in identity public key cryptography. In this paper, we introduce the concept of partially blind signature into certificateless public key cryptography. The security model of certificateless partially blind signature scheme is defined. A certificateless partially blind signature scheme is presented as well. The scheme is proven existentially unforgeable against adaptive chosen message attacks under the computational Diffie-Hellman assumption.

A Certificateless Authenticated Key Agreement Protocol for Digital Rights Management System

Abstract: Digital rights management (DRM) is the system which tries to ensure authorized content consumption. Current DRM systems either adopt public key cryptography (PKC) or identity based public key cryptography (ID-PKC). PKC associates certificate management which includes revocation, storage, distribution and verification of certificate, as a result, certificate authority becomes the bottleneck for the large network. While, ID-PKC has drawback of key escrow. However, for secure and authorized content distribution, evacuation from these problems is needed. In this paper, we present a certificateless authenticated key agreement protocol for DRM system, which ensures flawless mutual authentication and establishes a session key between user and license server. Furthermore, we analyzed proposed scheme to show that proposed scheme is secured.