Matching key recovery mechanisms to business requirements

This paper addresses the business needs for key recovery as a countermeasure to the threat of losing potentially valuable information. Several requirements essential for a sound key recovery mechanism are described, and the applicability of two main classes of existing key recovery schemes to a corporate environment is examined. Different requirements are identified for key recovery mechanisms for communicated and archived data, and a further study is made of the applicability of existing mechanisms to these two cases.

[1]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[2]  David Paul Maher,et al.  Crypto backup and key escrow , 1996, CACM.

[3]  Paul C. van Oorschot,et al.  Cryptographic Information Recovery Using Key Recover , 2000, Comput. Secur..

[4]  Sarbari Gupta A Common Key Recovery Block Format: Promoting Interoperability Between Dissimilar Key Recovery Mechanisms , 2000, Comput. Secur..

[5]  H. V. Jagadish,et al.  Information warfare and security , 1998, SGMD.

[6]  Chris J. Mitchell,et al.  Remarks on KRA key recovery block format , 1999 .

[7]  尚弘 島影 National Institute of Standards and Technologyにおける超伝導研究及び生活 , 2001 .

[8]  Ed Dawson,et al.  Key Recovery System for the Commercial Environment , 2000, ACISP.

[9]  Leslie P. Willcocks,et al.  Commonsense Computer Security , 1989, J. Inf. Technol..

[10]  Peter G. Neumann,et al.  The risks of key recovery, key escrow, and trusted third-party encryption , 1997, World Wide Web J..

[11]  Eric R. Verheul,et al.  Binding ElGamal: A Fraud-Detectable Alternative to Key-Escrow Proposals , 1997, EUROCRYPT.

[12]  Chris J. Mitchell,et al.  Key Recovery Scheme Interoperability - A Protocol for Mechanism Negotiation , 2001, IMACC.

[13]  Dorothy E. Denning,et al.  A taxonomy for key escrow encryption systems , 1996, CACM.

[14]  Chris J. Mitchell,et al.  A Proposed Architecture for Trusted Third Party Services , 1995, Cryptography: Policy and Algorithms.

[15]  Birgit Pfitzmann,et al.  How to break fraud-detectable key recovery , 1998, OPSR.

[16]  David M. Balenson,et al.  Commercial key recovery , 1996, CACM.

[17]  Lars R. Knudsen,et al.  In Search of Multiple Domain Key Recovery , 1998, J. Comput. Secur..