Key escrow

About: Key escrow is a research topic. Over the lifetime, 1162 publications have been published within this topic receiving 19616 citations.

Communication method with encryption key escrow and recovery

Abstract: The invention concerns a method whereby the entity starting a communication session generates a session key (KS) using a pseudo-random generator initialised by the secret key (Sa) of the entity and an initial value (VI). The message is encrypted by the session key. The latter can be retrieved by the escrow authority (Ta), which archives the secret key (Sa) and can recover the initial value (VI). The invention is applicable to secure communications.

Multi-authority attribute-based encryption scheme from lattices

Abstract: Access control can selectively restrict access to sensitive information stored by third-party sites on the Internet. Attribute-based encryption (ABE) schemes can strengthen the effective combination of flexibility and operability of access control. They allow one sender to encrypt a message for more than one recipient, and to spec- ify who should be able to decrypt, using attributes alone. Since 2005, many powerful ABE schemes have been presented, but there are two types of problem that haven't be efficiently resolved so far. On the one hand, as practical extension of identity-based encryption (IBE) schemes, ABE schemes are also confronted with key escrow problem. On the other hand, attribute set belonging to one user is usually monitored by different authorities in this era of collaboration. Multi-authority ABE (MA-ABE) schemes can simultaneously resolve these problems, but now they have not been thoroughly inves- tigated yet. More precisely, MA-ABE schemes against quantum attack are the main barrier of the development of ABE schemes in a 'post-quantum' world. In this paper, we firstly present a MA-ABE scheme from lattices, in which identities of users are authenticated by a central authority, which improves the efficiency of authentication. Furthermore, different attribute private keys are still distributed by different authorities, and the central authority cannot obtain any secret information of other attribute authorities, which resolves key escrow problem to some extent. In MA- ABE, attribute private keys belonging to one user are generated by different authorities, and how to ensure correct decryption is one of the crux of schemes. Our scheme gives a simple solution, and each user's attribute private keys are combined using sharing of common public information to automatically realize correct decryption. To our best knowledge, this is the first MA-ABE scheme from lattices, and it is more efficient than the MA-ABE presented by Melissa Chase. Finally, we present a multi-authority large universe ABE scheme, in which the sizes of the public key and the ciphertext are only relative to the number of the attribute authorities, and a user will be able to decrypt a ciphertext if and only if he has at least tK attributes from each authority K.

A Certificateless Key Management Scheme in Mobile Ad Hoc Networks

Abstract: Key management plays an important role in the security of today's information technology, especially in wireless and mobile environments like mobile ad hoc networks (MANETs) in which key management has received more and more attention for the difficulty to be implemented in such dynamic network. Traditional key management schemes are mainly based on PKI and identity-based public key cryptography (ID-PKC), which suffers from the computational costs of certificate verification and the key escrow problem. In this paper, we present a novel distributed key management scheme, a combination of certificateless public key cryptography (CL-PKC) and threshold cryptography, which not only eliminates the need for certificate-based public key distribution and the key escrow problem but also prevents single point of failure.

Certificateless Proxy Re-Encryption Without Pairings

Abstract: Proxy re-encryption (PRE) allows a proxy with re-encryption keys to transform a ciphertext under a given public key into a ciphertext of the same message under a different public key, and can not learn anything about the encrypted message. Due to its transformation property, PRE has many practical applications such as cloud storage, confidential email, and digital right management, and so on. Certificateless proxy re-encryption (CLPRE) provides not only the transformation property of PRE but also the advantage of identity-based cryptography without suffering from its inherent key escrow. Unfortunately, construction of CLPRE schemes has so far depended on the costly bilinear pairings. In this paper, we propose the first construction of CLPRE schemes without the bilinear pairings whose security is based on the standard computational Diffie-Hellman (CDH) assumption in the random oracle model. We first present a chosen-plaintext (CPA) secure CLPRE scheme, and then convert it into a chosen-ciphertext (CCA) secure CLPRE scheme. Compared with other CLPRE schemes, our CLPRE schemes provide the shortest re-encryption key and do not require any pairing operation and map-to-point hash operation, which are more efficient and more suitable for low-power devices.

Escrow payment to faciliate on-line transactions

Abstract: A system and method enables sellers to define a secret shared with an on-line payment provider when listing an item or service for purchase. Consumers deposit funds into an on-line escrow or holding account before committing to a financial on-line transaction or purchase. Once an item is located, the consumer may contact the seller for additional information. By placing funds in escrow, the seller may be more willing to spend the time and effort to deal with the consumer. The consumer, in turn, receives more information to make a purchasing decision. If the transaction is to he completed, the consumer instructs the payment provider maintaining the escrow account to release the funds to the seller's account. The seller is notified by the payment provider, where the notification includes the secret. This enables the seller to authenticate the confirmation message.