On the Difficulty of Software Key Escrow
نویسندگان
چکیده
At Eurocrypt'95, Desmedt suggested a scheme which allows individuals to en-crypt in such a way that the receiver can be traced by an authority having additional information. This paper shows that the proposed scheme does not have the required properties, by devising three non-speciied protocols misleading the authority. We also discuss how to repair Desmedt's scheme, such that our attacks are no longer possible. However, by allowing slightly more general, but absolutely realistic attacks also this improved system can be broken. In fact, we argue that software key es-crow as proposed by Desmedt will be very hard to implement as it requires that the distributed public key can only be used in few, well-deened systems. Furthermore, even if this is achieved, most applications to key distribution can be broken.
منابع مشابه
Lattice-Based Revocable Certificateless Signature
Certificateless signatures (CLS) are noticeable because they may resolve the key escrow problem in ID-based signatures and break away the management problem regarding certificate in conventional signatures. However, the security of the mostly previous CLS schemes relies on the difficulty of solving discrete logarithm or large integer factorization problems. These two problems would be solved by...
متن کاملA New Approach to Software Key Escrow Encryption
The major deficiency ascribed to key escrow techniques when they are implemented solely in software is that they can be bypassed or subverted relatively easily and thus cannot be relied upon to meet the objectives of law enforcement that motivate the Clipper Initiative. Further, no technique has been proposed that addresses the issues associated with the implementation of a classified encyption...
متن کاملDesign of DL-based certificateless digital signatures
Public-key cryptosystems without requiring digital certificates are very attractive in wireless communications due to limitations imposed by communication bandwidth and computational resource of the mobile wireless communication devices. To eliminate public-key digital certificate, Shamir introduced the concept of the identity-based (ID-based) cryptosystem. The main advantage of the ID-based cr...
متن کاملSelf-Escrowed Public-Key Infrastructures
This paper introduces a cryptographic paradigm called selfescrowed encryption, a concept initiated by kleptography. In simple words, a self-escrowed public-key cryptosystem features the property that the scheme’s public and private keys are connected to each other by the mean of an other cryptosystem, called the master scheme. We apply this notion to the design of auto-recoverable autocertifiab...
متن کاملOn the Di culty of Software Key
At Eurocrypt'95, Desmedt suggested a scheme which allows individuals to encrypt in such a way that the receiver can be traced by an authority having additional information. This paper shows that the proposed scheme does not have the required properties, by devising three non-speciied protocols misleading the authority. We also discuss how to repair Desmedt's scheme, such that our attacks are no...
متن کامل