Key escrow

About: Key escrow is a research topic. Over the lifetime, 1162 publications have been published within this topic receiving 19616 citations.

Self-certified Proxy Signcryption Scheme Based on Elliptic Curve Cryptography

Abstract: To overcome certificate management problem and key escrow problem in proxy signcryption schemes,a new self-certified proxy signcryption scheme based on elliptic curve cryptography(ECC) was proposed,it hardness relys on elliptic curve discrete logarithm problem(ECDLP).Compared with the existence literatures,the proposed scheme possesses good security and shorter key,less requirement of storage space and less bandwith requirement,lower computational complexity and communication cost.

A Mediated RSA-based End Entity Certificates Revocation Mechanism with Secure Concerned in Grid

Abstract: The End Entity Certificates (EECs) revocation mechanism in Grid Security Infrastructure (GSI) adopts Certificate Revocation List (CRL) currently. However, CRL is an inefficient mechanism with drawbacks of “time granularity problem” and unmanageable sizes. This paper presents a new EECs revocation mechanism MEECRM (Mediated RSA-based End Entity Certificates Revocation Mechanism) to eliminate “key escrow” problem. MEECRM combines with MyProxy - the online credential repository in Globus Tookit (GT). And some Schemes, such as HMAC, multi-SEM support and PVSS, have been introduced into MEECRM to increase the security and efficiency. MEECRM can ensure instantaneous revocation of invalid EECs in grid environments and can be used in many largescale grid projects because of inheriting from MyProxy. Analyses also prove that MEECRM is secure.

A key escrow system with protecting user's privacy by blind decoding

Abstract: We propose a new key recovery system with satisfying the following properties: 1. The court-authorized eavesdropping by the investigator is limited both in tapping time and in tapped conversation. 2. Trustees, who are cooperating with the investigator to eavesdrop a user's communication, cannot know whom the investigator is intercepting. 3. No investigator can obtain illegally the secret key of users against which no legitimate court order has been issued. Our system utilizes the blind decoding: a client has a message encrypted with a server's secret key and the client asks the server to decode the message without revealing what is the decoded plaintext nor learning the server's secret key. Our system also introduces two agencies besides the trustees. These are related to the mechanism of registering users and of distributing the user's escrowed keys, named Key Producer, and Registration Center. Our system can be implemented by using only the discrete-log based cryptosystems (the Diffie-Hellman and the ElGamal).

A Provably Secure Ring Signature Scheme in Certificateless Cryptography

Abstract: Ring signature is a kind of group-oriented signature. It allows a member of a group to sign messages on behalf of the group without revealing his/her identity. Certificateless public key cryptography was first introduced by Al-Riyami and Paterson in Asiacrypt 2003. In certificateless cryptography, it does not require the use of certificates to guarantee the authenticity of users' public keys. Meanwhile, certificateless cryptography does not have the key escrow problem, which seems to be inherent in the Identity-based cryptography. In this paper, we propose a concrete certificateless ring signature scheme. The security models of certificateless ring signature are also formalized. Our new scheme is provably secure in the random oracle model, with the assumption that the Computational Diffie-Hellman problem is hard. In addition, we also show that a generic construction of certificateless ring signature is insecure against the key replacement attack defined in our security models.