Publicly Verifiable Key Escrow with Limited Time Span
ACISP '99 Proceedings of the 4th Australasian Conference on Information Security and Privacy
Key Recovery System for the Commercial Environment
ACISP '00 Proceedings of the 5th Australasian Conference on Information Security and Privacy
A Key Escrow System with Warrant Bounds
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Escrow Encryption Systems Visited: Attacks, Analysis and Designs
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Failsafe Key Escrow
| Hi-index | 0.00 |
Key recovery is a technology that allows the owner of encrypted data or a trusted third party to recover encrypted data, mostly by reconstructing lost decryption key. In [HLG99], Harn et al proposed a Global Key Recovery System (GKRS) that combines the functions of the key recovery authorities and the public key certification authorities (CAs). Among other features, userdominance, i.e., a user is allowed to select his own public-private key pair and especially a public element for verifying the validity of the public-private key pair, is considered extremely important by [HLG99] for wide acceptance of GKRS. In this paper, we attack the RSA version of GKRS by showing that its user-dominant feature and the corresponding key verification scheme employed by the CAs allow for fraud by users against CAs. We then propose an improvement to the original GKRS. The improved system makes the probability of user fraud negligibly small.