Key escrow

About: Key escrow is a research topic. Over the lifetime, 1162 publications have been published within this topic receiving 19616 citations.

Scalable Key-Escrow

Abstract: We propose a cryptosystem that has an inherent key escrow mechanism. This leads us to propose a session based public verifiable key escrow system that greatly improves the amount of key material the escrow servers has to keep in order to decrypt an encryption. In our scheme the servers will only have a single secret sharing, as opposed to a single key from every escrowed player. This is done while still having the properties: 1) public verifiable: the user proves to everyone that the encryption can indeed be escrowed, and 2) no secret leakage: no matter how many decryptions a law enforcement agency is presented, it will gain no more information on the users private key, than it couldn’t have calculated itself.

Asymmetrical escrow system for use in non-cooperative bargaining relationships

Abstract: An escrow system that comprises correlating confidential data defining a fixed condition or set of conditions for a release of escrow with data presented in an indefinite series of confidential presentations seeking to satisfy that condition or set of conditions. The system involves a process whereby the conditions for a release of the escrow are fixed (i.e. reduced to writing and not subject to change for a specified period of time) but are not fully disclosed to a party seeking a release of the escrow. Instead, a party seeking a release of the escrow is permitted to submit an indefinite number of confidential presentations seeking to satisfy all of those fixed conditions, both disclosed and undisclosed. The fact and contents of each such presentation are treated as confidential unless the presentation results in a determination by the System that all of the fixed conditions have been satisfied.

A Concrete Certificateless Signature Scheme without Pairings

Abstract: Certificateless public key cryptography was introduced to avoid the inherent key escrow problem in identity-based cryptography, and eliminate the use of certificates in traditional PKI. Most cryptographic schemes in certificateless cryptography are built from bilinear mappings on elliptic curves which need costly operations. Despite the investigation of certificateless public key encryption without pairings, certificateless signature without pairings received much less attention than what it deserves. In this paper, we present a concrete pairing-free certificateless signature scheme for the first time. Our scheme is more computationally efficient than others built from pairings. The new scheme is provably secure in the random oracle model assuming the hardness of discrete logarithm problem.

Privacy-Preserving Multi-Receiver Certificateless Broadcast Encryption Scheme with De-Duplication

Abstract: Nowadays, the widely deployed and high performance Internet of Things (IoT) facilitates the communication between its terminal nodes. To enhance data sharing among terminal devices and ensure the recipients’ privacy protection, a few anonymous multi-recipient broadcast encryption (AMBE) proposals are recently given. Nevertheless, the majority of these AMBE proposals are only proven be securely against adaptively chosen plain-text attack (CPA) or selectively chosen ciphertext attack (CCA). Furthermore, all AMBE proposals are subjected to key escrow issue due to inherent characteristics of the ID-based public cryptography (ID-PKC), and cannot furnish secure de-duplication detection. However, for cloud storage, it is very important for expurgating duplicate copies of the identical message since de-duplication can save the bandwidth of network and storage space. To address the above problems, in the work, we present a privacy-preserving multi-receiver certificateless broadcast encryption scheme with de-duplication (PMCBED) in the cloud-computing setting based on certificateless cryptography and anonymous broadcast encryption. In comparison with the prior AMBE proposals, our scheme has the following three characteristics. First, it can fulfill semantic security notions of data-confidentiality and receiver identity anonymity, whereas the existing proposals only accomplish them by formalizing the weaker security models. Second, it achieves duplication detection of the ciphertext for the identical message encrypted with our broadcast encryption. Finally, it also avoids the key escrow problem of the AMBE schemes.

Server-client key escrow for applied key management system and process

Abstract: Embodiments described herein relate to apparatuses and methods for registering and storing a local key associated with a local application of a communication device, including, but not limited to, receiving a request from the communication device to register and store the local key, evaluating the request based on at least one first policy, and sending the request to register and store the local key to a secure key storage.