Forward-secure commercial key escrow systems and escrowing methods thereof

US 20030012386A1
Filed: 11/30/2001
Published: 01/16/2003
Est. Priority Date: 04/11/2001
Status: Abandoned Application

First Claim

Patent Images

1. A method, under the PKI environment, of the key generation and escrow, comprising the steps of:

(a) having the user generate a password and register a password verifier of the user in a key management authority;

(b) having the user generate a pair of private/public keys;

(c) having the user encrypt his own private key with his own password (i.e. C=E_PWD(PRI, where PWD is user'"'"'s password and PRI is user'"'"'s private key) (d) having the user generate a key recovery block through encryption of the encrypted private key C with a public key of a key recovery agents. (e) sending user'"'"'s key recovery block and public key to the key management authority; and

(f) having the key management authority store the key recovery block, or divide it into several shares, followed by storing the shares separately.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention discloses a software-based commercial key escrow system (KES) for the PKI environment that enables an entity such as the court to monitor communications of users suspected of unlawful activities while protecting the privacy of law-abiding users.

The present invention provides a key escrow system providing a PKI-roaming service and the perfect forward secrecy to the key management agent (KMA).

100 Citations

View as Search Results

16 Claims

1. A method, under the PKI environment, of the key generation and escrow, comprising the steps of:
- (a) having the user generate a password and register a password verifier of the user in a key management authority;
  
  (b) having the user generate a pair of private/public keys;
  
  (c) having the user encrypt his own private key with his own password (i.e. C=E_PWD(PRI, where PWD is user'"'"'s password and PRI is user'"'"'s private key) (d) having the user generate a key recovery block through encryption of the encrypted private key C with a public key of a key recovery agents. (e) sending user'"'"'s key recovery block and public key to the key management authority; and
  
  (f) having the key management authority store the key recovery block, or divide it into several shares, followed by storing the shares separately.

2. A method, under the PKI environment, of the key generation and escrow, comprising the steps of:
- (a) having the user generate a password and register a password verifier of the user in a key management authority;
  
  (b) having the user generate a pair of private/public keys;
  
  (c) having the user encrypt his own private key with his own password (i.e. C=E_PWD(PRI, where PWD is user'"'"'s password and PRI is user'"'"'s private key) (d) having the user generate a key recovery block through encryption of the encrypted private key C with a public key of a key recovery agents. (e) checking the validity of the key recovery block;
  
  (f) sending user'"'"'s validated key recovery block and public key to the key management authority;
  
  (g) having the key management authority store the key recovery block, or divide it into several shares, followed by storing the shares separately.
- View Dependent Claims (3)
- - 3. The method as described in claim 2 wherein said step (c) is skipped and said step of (d) comprises a step of generating a key recovery block through the encryption of said user'"'"'s private key with a public key of a key recovery agent by said user.

4. A method, under the PKI environment, of the key generation and escrow, comprising the steps of:
- (a) having the user register his password in a key management authority(KMA);
  
  (b) having the KMA generate a pair of private/public keys for the user;
  
  (c) having the KMA encrypt the user'"'"'s private key with the registered password of the user (i.e. C=E_PWD(PRI) where PWD;
  
  user'"'"'s password, PRI;
  
  user'"'"'s private key);
  
  (d) having the KMA generate a key recovery block(KRB) through the encryption of said encrypted private key C with a public key of a key recovery agents (KRAs); and
  
  (e) having the KMA either to store the KRB, or to divide the KRB into several shares, followed by separately storing said shares.

5. A method, under the PKI environment, of the key recovery, comprising the steps of:
- (a) having a key management authority (KRA) construct a key recovery block (KRB) for the corresponding user upon the request for the key recovery;
  
  (b) having the KMA to blind the constructed key recovery block by employing a blind factor of said key management authority'"'"'s own so that any KRA is not able to see said constructed key recovery block;
  
  (c) having the KMA to send the blinded key recovery block along with a request for the key recovery to KRAs;
  
  (d) having each KRA perform a decryption of the message received by employing a private key of its own;
  
  (e) having each KRA send the decrypted message processed at step (d) to said key management authority; and
  
  (f) having the KMA recover a encrypted private key C of said user by employing the message received from each key recovery agent and said blind factor of its own.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 13, 15, 16)
- - 6. The method as described in claim 5 wherein said request for the key recovery at step (a) is the request either from said user or from the court.
  - 7. The method as described in claim 5 wherein less than all of shares of the corresponding user'"'"'s key recovery block are required to construct the key recovery block.
  - 8. The method as described in claim 5 wherein less than all of the messages received from key recovery agents are required to recover the encrypted private key for the corresponding user.
  - 9. The method as described in claim 5 further includes a step of having a key management authority send said recovered C to the key recovery requestor using the password-based private key downloading protocol.
  - 10. The method as described in claim 5 wherein a key management authority or a trusted entity recovers the user'"'"'s private key for encryption from C by mounting a dictionary attack.
  - 11. The method as described in claim 5 wherein a key management authority or a trusted entity recovers the user'"'"'s private key for encryption with the user'"'"'s registered passwords.
  - 13. The key escrow system as described in claim 12 wherein said KRB generated by said user is checked for the validity.
  - 15. The key escrow system as described in claim 12 or claim 14 wherein less than all of shares of the corresponding user'"'"'s key recovery block are required to construct the key recovery block.
  - 16. The key escrow system as described in claim 12 or claim 14 wherein less than all of the messages received from key recovery agents are required to recover the encrypted private key for the corresponding user.

12. A key escrow system for the PKI environment comprising:
- a user who generates his own password, registers his own password verifier in a key management authority (KMA), generates a pair of private/public key pairs (PRI, PUB) , encrypts his private key with said password (C=E_PWD(PRI), and generates a key recovery block (KRB) through encrypting C with a public key of key recovery agents (KRAs) a KMA that stores either said KRB or the divided shares of said KRB in a distributed manner, constructs said KRB from the divided shares at a key recovery phase, sends to KRAs a request for the key recovery along with a blinded KRB which is a multiplication of said KRB with a blind factor in order not to disclose said KRB to any of said KRAs, and recovers C with received messages from said KRAs and with said blind factor; and
  
  KRAs that decrypt message sent from said KMA with the private key of their owns.

14. A key escrow system for PKI environment comprising:
- a user who registers his password (PWD) in a key management authority (KMA), comprising;
  
  a KMA that generates a pair of private/public keys (PRI, PUB) for said user, encrypts said user'"'"'s private key with said user'"'"'s registered password (C=E_PWD(PRI) generates a key recovery block (KRB) through encrypting C with the public key of the key recovery agents (KRAs), stores said KRB or the divided shares of said KRB in a distributed manner, reconstructs said KRB out of said divided shares upon the request for recovery, sends to KRAs a request for recovery along with a blinded KRB which is a multiplication of said KRB with a blind factor in order not to disclose said KRB to any of said KRAs, and recovers C with received messages for said KRAs and with said blind factor; and
  
  KRAs that decrypt messages sent from said KMA with private keys of their own.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Korea Information Security Agency
Original Assignee
Korea Information Security Agency
Inventors
Kim, Jeeyeon, Park, Hae-Ryong, Kwon, Hyun-Jo, Lee, Hongsub, Kim, Seungjoo

Application Number

US09/997,012
Publication Number

US 20030012386A1
Time in Patent Office

Days
Field of Search
US Class Current

380/286
CPC Class Codes

H04L 63/06   for supporting key manageme...

H04L 63/30   for supporting lawful inter...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/3226   using a predetermined code,...

Forward-secure commercial key escrow systems and escrowing methods thereof

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

100 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Forward-secure commercial key escrow systems and escrowing methods thereof

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

100 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links