Key escrow

Key escrow

Key escrow (also known as a fair cryptosystem) is an arrangement in which the keys needed to decrypt encrypted data are held in escrow so that, under certain circumstances, an authorized third party may gain access to those keys. These third parties may include businesses, who may want access to employees' private communications, or governments, who may wish to be able to view the contents of encrypted communications.

The technical problem is a largely structural one since access to protected information must be provided "only" to the intended recipient and at least one third party. The third party should be permitted access only under carefully controlled conditions, as for instance, a court order. Thus far, no system design has been shown to meet this requirement fully on a technical basis alone. All proposed systems also require correct functioning of some social linkage, as for instance the process of request for access, examination of request for 'legitimacy' (as by a court), and granting of access by technical personnel charged with access control. All such linkages / controls have serious problems from a system design security perspective.

On a national level, this is controversial in many countries due to technical mistrust of the security of the escrow arrangement (due to a long history of less than adequate protection of others' information by assorted organizations, public and private, even when the information is held only under an affirmative legal obligation to protect it from unauthorized access), and to a mistrust of the entire system even if it functions as designed. Thus far, no key escrow system has been designed which meets both objections and nearly all have failed to meet even one.

ee also

* Cryptography
* Key management
* Clipper chip

External links

* [http://www.cdt.org/crypto/risks98/ The risks of key escrow]

----


Wikimedia Foundation. 2010.

Игры ⚽ Поможем написать курсовую

Look at other dictionaries:

  • Key Escrow — Escrow bedeutet so viel wie Treuhand oder Hinterlegung. Inhaltsverzeichnis 1 Etymologie 2 Software Kontext 3 Treuhand Kontext 4 Weblinks // …   Deutsch Wikipedia

  • Key Escrow —   [dt. »Schlüsselhinterlegung«] die, Verfahren der Datenverschlüsselung, bei dem der für die Dechiffrierung nötige Schlüssel bei einer staatlichen bzw. neutralen Stelle hinterlegt wird. Dadurch kann diese Stelle auch verschlüsselten Datenverkehr… …   Universal-Lexikon

  • Key disclosure law — Key disclosure laws, also known as mandatory key disclosure, is legislation that require individuals to surrender cryptographic keys to law enforcement. The purpose is to allow access to material for confiscation or digital forensics purposes and …   Wikipedia

  • Escrow Account — Escrow bedeutet so viel wie Treuhand oder Hinterlegung. Inhaltsverzeichnis 1 Etymologie 2 Software Kontext 3 Treuhand Kontext 4 Weblinks // …   Deutsch Wikipedia

  • Escrow — bedeutet so viel wie Treuhand oder Hinterlegung. Inhaltsverzeichnis 1 Etymologie 2 Software Kontext 3 Treuhand Kontext 4 Weblinks …   Deutsch Wikipedia

  • Key Recovery —   [dt. »Schlüsselwiederherstellung«] die, Verfahren der Datenverschlüsselung, bei dem verschlüsselte Nachrichten ohne Kenntnis des Schlüssels entziffert werden können. Dies geschieht durch eine Zusatzfunktion der Verschlüsselungs Software, deren… …   Universal-Lexikon

  • Key (cryptography) — In cryptography, a key is a piece of information (a parameter) that determines the functional output of a cryptographic algorithm or cipher. Without a key, the algorithm would produce no useful result. In encryption, a key specifies the… …   Wikipedia

  • Key money — is used differently in different parts of the world. It sometimes means money paid to an existing tenant who assigns a lease to a new tenant where the rent is below market. It sometimes means a bribe to a landlord. In other parts of the world it… …   Wikipedia

  • Software-Escrow — Escrow bedeutet so viel wie Treuhand oder Hinterlegung. Inhaltsverzeichnis 1 Etymologie 2 Software Kontext 3 Treuhand Kontext 4 Weblinks // …   Deutsch Wikipedia

  • Public-key cryptography — In an asymmetric key encryption scheme, anyone can encrypt messages using the public key, but only the holder of the paired private key can decrypt. Security depends on the secrecy of that private key …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”