Key escrow

About: Key escrow is a research topic. Over the lifetime, 1162 publications have been published within this topic receiving 19616 citations.

Handcuffing big brother: an abuse-resilient transaction escrow scheme: (Extended abstract)

Abstract: We propose a practical abuse-resilient transaction escrow scheme with applications to privacy-preserving audit and monitoring of electronic transactions. Our scheme ensures correctness of escrows as long as at least one of the participating parties is honest, and it ensures privacy and anonymity of transactions even if the escrow agent is corrupt or malicious. The escrowed information is secret and anonymous, but the escrow agent can efficiently find transactions involving some user in response to a subpoena or a search warrant. Moreover, for applications such as abuse-resilient monitoring of unusually high levels of certain transactions, the escrow agent can identify escrows with particular common characteristics and automatically (i.e., without a subpoena) open them once their number has reached a pre-specified threshold. Our solution for transaction escrow is based on the use of Verifiable Random Functions. We show that by tagging the entries in the escrow database using VRFs indexed by users' private keys, we can protect users' anonymity while enabling efficient and, optionally, automatic deescrow of these entries. We give a practical instantiation of a transaction escrow scheme utilizing a simple and efficient VRF family secure under the DDH assumption in the Random Oracle Model.

Notice of Retraction A new certificateless threshold signature scheme for mobile ad hoc network

Abstract: Mobile ad hoc network (MANET) provides an alternative for military applications and disaster response scenarios where fixed networking infrastructure may not be available, but it faces significantly more security considerations than wired network due to its lack of physical infrastructures or centralized authorities. So it poses a number of security challenges to a protocol designer. The main contribution of this paper is a certificateless threshold signature scheme without a trusted party based on the difficulty of solving the computational bilinear Diffie-Hellman problem. Comparing to most of the presented schemes, nodes of our scheme cooperate to generate the master key to eliminate any form of trusted third party and do not need to use any certificate to guarantee the authenticity of the public key. The proposed signature scheme overcomes the inherent key escrow problem of the ID-based public key cryptography (ID-PKC) while avoiding the complicated certificates management of the public key infrastructure (PKI). Moreover, it is provably secure.

An efficient certificateless cryptography scheme without pairing

Abstract: We propose a mediated certificateless encryption scheme without pairing operations. Mediated certificateless public key encryption (mCL-PKE) solves the key escrow problem in identity based encryption and certificate revocation problem in public key cryptography. However, existing mCL-PKE schemes are either inefficient because of utilizing expensive pairing operations or vulnerable against a partial decryption attack. In order to address the performance and security is- sues, in this poster, we propose a novel mCL-PKE scheme. We implement our mCL-PKE scheme and a recent scheme, and evaluate the security and performance. Our results show that our algorithms are efficient and practical.

Distributed PKG ID based signcryption

Abstract: An identity-based signature scheme allows any pair of users to communicate securely and to verify each other's signatures without exchanging public key certificates. For achieving both confidentiality and authenticity simultaneously, signcryption schemes are used. This paper puts forward a new efficient construction for signcryption scheme which is based on inverse bilinear Diffie Hellman problem and Discrete Logarithmic problem. The proposed scheme is secure against chosen ciphertext attack and has least complexity in terms of computational complexity as compared to earlier proposed schemes. The proposed scheme also caters the inherent problem of Key Escrow where private key generator (PKG) is not trusted by the use of concept of distributed PKG.

Revocable Certificateless Public Key Encryption With Outsourced Semi-Trusted Cloud Revocation Agent

Abstract: Certificateless public key cryptography (CL-PKC) not only eliminates the need for certificates in traditional certificate-based PKC but also solves the inherent key escrow problem in identity-based PKC. However, an unsolved but critical issue in CL-PKC is how to revoke a misbehaving user. Some revocable certificateless public key encryption (RCL-PKE) schemes have been proposed, but these schemes have two main drawbacks: 1) public key uniqueness is not guaranteed, thus allowing the existence of multiple copies of each initial secret key. 2) The existing outsourced RCL-PKE schemes place excessive trust in the cloud server, which may continue to update decryption keys stealthily for misbehaving users. In this paper, we address these issues by proposing a novel RCL-PKE with semi-trusted cloud revocation agents (s-CRAs). We describe the framework and the security model for the RCL-PKE with s-CRA and prove that the proposed scheme is semantically secure against adaptive chosen-ciphertext attacks under the bilinear Diffie-Hellman assumption in the random oracle model. Furthermore, we compare the proposed scheme with previous RCL-PKE schemes in terms of performance and robustness. The evaluation results show that the proposed scheme achieves public key uniqueness and reliable revocation flexibility at low computational and communication costs.