Abstract
Key escrow cryptography has recently become popular. A key escrow system bridges the gap between users’ privacy and the social need for protection against criminal behavior. However, such systems have some disadvantages and are subject to controversy. In this paper we review and analyze the weaknesses of several recent protocols. The protocols are examined with respect to their claimed issues.
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kim, S., Lee, I., Mambo, M., Park, S. (1999). On the Difficulty of Key Recovery Systems. In: Information Security. ISW 1999. Lecture Notes in Computer Science, vol 1729. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-47790-X_18
DOI: https://doi.org/10.1007/3-540-47790-X_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66695-0
Online ISBN: 978-3-540-47790-7
eBook Packages: Springer Book Archive