On the Difficulty of Key Recovery Systems

  • Conference paper
  • Published in: Information Security (ISW 1999)
  • Part of the book series: Lecture Notes in Computer Science (LNCS, volume 1729)

Abstract

Key escrow cryptography has recently become popular. A key escrow system bridges the gap between users’ privacy and the social need for protection against criminal behavior. However, the system has some disadvantages and remains controversial. In this paper we review and analyze the weaknesses of several recent protocols. The protocols are examined with respect to their claimed issues.




Copyright information

© 1999 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kim, S., Lee, I., Mambo, M., Park, S. (1999). On the Difficulty of Key Recovery Systems. In: Information Security. ISW 1999. Lecture Notes in Computer Science, vol 1729. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-47790-X_18

  • DOI: https://doi.org/10.1007/3-540-47790-X_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-66695-0

  • Online ISBN: 978-3-540-47790-7

  • eBook Packages: Springer Book Archive
