Practical Solutions to Key Recovery Based on PKI in IP Security
IPSec is a security protocol suite that provides encryption and authentication services for IP messages at the network layer of the Internet. Key recovery has been the subject of a lot of discussion, of much controversy and of extensive research. Key recovery, however, might be needed at a corporate level, as a form of key management. The basic observation of the present paper is that cryptographic solutions that have been proposed so far completely ignore the communication context. We propose example to provide key recovery capability by adding key recovery information to an IP datagram. It is possible to take advantage of the communication environment in order to design key recovery protocols that are better suited and more efficient.
KeywordsInternet Protocol Trusted Third Party Authentication Service Internet Engineer Task Force Security Association
Unable to display preview. Download preview PDF.
- 1.N. Jefferies, C. Mitchell, and M. Walker, “A Proposed Architecture for Trusted Third Party Services”, in Cryptography: Policy and Algorithms, Proceedings: International Conference BrisAne, Lecture Notes In Computer Science, LNCS 1029, Springer-Verlag, 1995Google Scholar
- 2.R. Gennaro, P. Karger, S. Matyas, M. Peyravian, A. Roginsky, D. Safford, M. Zollett, and N. Zunic. Two-Phase Cryptography Key Recovery System. In computers & Security, Pages 481–506. Elsevier Sciences Ltd, 1997Google Scholar
- 3.D. M. Balenson, C. M. Ellison, S.B. Lipner and S. T. Walker, “A new Approach to Software Key Encryption”, Trusted Information SystemsGoogle Scholar
- 9.T. Markham and C. Williams, Key Recovery Header for IPSEC, Computers & Security, 19, 2000, Elsevier ScienceGoogle Scholar
- 10.D. Balenson and T. Markham, ISAKMP Key Recovery Extensions, Computers & Security, 19, 2000, Elsevier ScienceGoogle Scholar
- 13.H. Abelson, R. Anderson, S. Bellovin, J. Benaloh, M. Blaze, W. Diffie, J. Gilmore, P. Neumann, R. Rivest, J. Schiller, and B. Schneirer. The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption. Technical report, 1997. Available from http://www.crypto.com/key-study
- 14.NIST, “Escrow Encryption Standard (EES)”, Federal Information Processing Standard Pubilication (FIPS PUB) 185, 1994Google Scholar
- 15.J. Nieto, D. Park, C. Boyd, and E. Dawson, “Key Recovery in Third Generation Wireless Communication Systems”, Public Key Cryptography-PKC2000, LNCS 1751, pp. 223–237, 2000Google Scholar
- 16.K. Rantos and C. Mitchell. “Key recovery in ASPeCT Authentication and Initialization of Payment protocol”, Proc. Of ACTS Mobile Summit, Sorrento, Italy, June 1999Google Scholar