Internet/intranet security has seen explosive and exciting growth in the past two years. Beneath that excitement lies a mine of technical and commercial challenges, and unless they are solved, secure systems will not reach their expected potential. Security can be achieved via encryption, which uses "keys" to encrypt and decrypt information. Without the cryptographic key, the enciphered information will never be converted back into its original text. If a key is lost or damaged, or the key password is forgotten, there should be a mechanism to recover the cryptographic keys and decipher the encrypted information. This paper describes a key recovery mechanism that facilitates the recovery of encryption keys and encrypted data. The mechanism does not require keys to be escrowed. It is based on adding a small extra field, the Key Recovery Entry (KRE), to a message or file being transmitted. The mechanism facilitates key recovery both for session keys in symmetric cryptographic systems and for private keys in asymmetric cryptographic systems, without any need to escrow key information. The author differentiates between key escrow and key recovery.