Secure Key Recovery for Archived and Communicated Data in the Corporate Intranet
Abstract.
During the last years there has been an explosion of interest in key recovery systems that enable recovery of plaintext from archived or intercepted ciphertext, for key management within the corporate environment or for law enforcement in forensic applications. In this paper we overview various approaches for key recovery and consider attacks against such systems. We also propose a key recovery model for archived or communicated data in the corporate intranet that deals with such attacks. Our model is equitable in the sense that it protects the employees’ privacy while ensures time-efficient data recovery. For this reason we employ traditional recovery techniques for long-term keys as well as a key encapsulation technique for secure and efficient policy enforcement.
Key words: Key Recovery, Key Management, Archived and Communicated Data, Intranets, CryptographyDownload:
(PDF file)
