Key escrow

About: Key escrow is a research topic. Over the lifetime, 1162 publications have been published within this topic receiving 19616 citations.

Secure Data Retrieval for Decentralized Disruption-Tolerant Military

Abstract: Mobile nodes in military environments such as a Battlefield or hostile regions are likely to suffer from intermittent network connectivity and frequent partitions. Disruption-tolerant network (DTN) technologies are becoming successful solutions that allow wireless devices carried by soldiers to communicate with each other and access the confidential information or command reliably by exploiting external storage nodes. Some of the most challenging issues in this scenario are the enforcement of Authorization policies and the policies update for secure data retrieval. Cipher text-policy attribute-based encryption (CP- ABE) is a promising cryptographic solution to the access control issues. However, the problem of applying CP-ABE in decentralized DTNs introduces several security and privacy challenges with regard to the attribute revocation, key escrow, and coordination of attributes issued from different authorities. In this paper, we propose a secure data retrieval scheme using CP-ABE for decentralized DTNs where multiple key authorities manage their attributes independently. We demonstrate how to apply the proposed mechanism to securely and efficiently manage the confidential data distributed in the disruption-tolerant military network. Keywords— Access control, attribute-based encryption (ABE), disruption-tolerant network (DTN),multiauthority, secure data retrieval.

Certificateless Signature Scheme Based on Rabin Algorithm and Discrete Logarithm

Abstract: Certificateless signature can effectively immue the key escrow problem in the identity-based signature scheme. But the security of the most certificateless signatures usually depends on only one mathematical hard problem, which makes the signature vulnerable when the underlying hard problem has been broken. In order to strengthen the security, in this paper, a certificateless signature whose security depends on two mathematical hard problems, discrete logarithm and factoring problems, is proposed. Then, the proposed certificateless signature can be proved secure in the random oracle, and only both of the two mathematical hard problems are solved, can the proposed signature be broken. As a consequence, the proposed certificateless signature is more secure than the previous signatures. On the other hand, with the pre-computation of the exponential modular computation, it will save more time in the signature signing phase. And compared with the other schemes of this kind, the proposed scheme is more efficient.

Key Escrow Attack Risk and Preventive Measures

Abstract: Cryptographic technology is always a highly sensitive dual-use technology. All nations have to face a dilemma in terms of password usage: on the one hand, to fully guarantee the safety and confidentiality of personal communication, as well as personal privacy and communication freedom required by law; on the other hand, to make sure law-enforcing departments and security organs crack down and prevent crime. It might be a great help for crime and terrorist organizations that the wide application of cryptography is made public. Many people believe that plain text communicated through the public network is accessible to an appropriate government agency if law permits. Therefore, it has become a continuous hot issue of cryptographic technology that how to design a cryptographic system through which legal persons are able to protect the safety of their information, yet being monitored by government in the range permitted by law. In this study, an in-depth study is carried out on the controversial key escrow technology, analyzing its composition and algorithm and pointing out possible attacks and preventive measures.

An efficient and robust certificateless short signature scheme

Abstract: Certificateless cryptography is introduced to eliminate certificate management in traditional public key cryptography and key escrow problem in identity-based cryptography. In this paper, an efficient certificateless signature scheme is proposed. It has the following advantages. First, pairing operations in signing phrase are eliminated and only two pairing operations are involved in verifying phrase, the signature length is also reduced to 160 bits. Second, user's public key is bound with his/her private key, so public key replacement attack can hardly be implemented. Last, the scheme is proven secure against existential forgery of adaptively chosen message attack in random oracle model.