Time delayed key escrow
First Claim
1. A method of providing different levels of computational difficulty for recovering an encrypted communication, so that a first entity experiences less computational difficulty than other entities, the method comprising the steps of:
- encrypting the communication so that an entity in possession of a secret key can recover the encrypted communication without computational difficulty;
providing the first entity with first information about the secret key, the first information comprising weakly-encrypted information about the secret key;
the weakly encrypted information being enough information that the encrypted communications can be recovered with a predetermined level of computational difficulty less than that for the other entities.
0 Assignments
0 Petitions
Accused Products
Abstract
Methods for designing encryption algorithms with different levels of security for different parties: "easier" (but requiring some work nonetheless) to break for some parties (e.g., the government) than for other parties (the adversaries at large). This is achieved by a new form of key escrow in which the government gets some information related to the secret keys of individuals but not the secret keys themselves. The information given to the government enables it to decrypt with a predetermined level of computational difficulty less than that for adversaries at large. The new key escrow methods are verifiable. Verification information can be provided to the government so that it can verify that the information escrowed is sufficient to enable it to decrypt with the predetermined level of computational difficulty. The fact that the government must perform some computation to break the encryption schemes of individual users provides a serious deterrent against massive wiretapping.
-
Citations
14 Claims
-
1. A method of providing different levels of computational difficulty for recovering an encrypted communication, so that a first entity experiences less computational difficulty than other entities, the method comprising the steps of:
-
encrypting the communication so that an entity in possession of a secret key can recover the encrypted communication without computational difficulty; providing the first entity with first information about the secret key, the first information comprising weakly-encrypted information about the secret key; the weakly encrypted information being enough information that the encrypted communications can be recovered with a predetermined level of computational difficulty less than that for the other entities. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method of providing different levels of computational difficulty for recovering a public-key encrypted communication, so that a first entity experiences less computational difficulty than other entities, the method comprising the steps of:
-
encrypting the communication using a public key for which there exists a secret key, so that with possession of the secret key the encrypted communication can be recovered without computational difficulty; providing the first entity with first information about the secret key; the first information being less than a full description of the secret key but enough information that the encrypted communication can be recovered with a predetermined level of computational difficulty less than that for the other entities; wherein the first information comprises weakly encrypted information about the secret key.
-
-
11. A method of providing different levels of computational difficulty for recovering an encrypted communication, so that a first entity experiences less computational difficulty than other entities, the method comprising the steps of:
-
encrypting the communication so that an entity in possession of a secret key can recover the encrypted communication without computational difficulty; providing the first entity with first information about the secret key; the first information being less than a full description of the secret key but enough information that the encrypted communication can be recovered with a predetermined level of computational difficulty less than that for the other entities; providing the first entity with verification information with which the first entity can verify that the first information provided is sufficient for recovery to be achieved within the predetermined level of computational difficulty; wherein the first information comprises weakly encrypted information about the secret key.
-
-
12. A method of providing different levels of computational difficulty for recovering an encrypted communication, so that a first entity experiences less computational difficulty than other entities, the method comprising the steps of:
-
encrypting the communication so that an entity in possession of a secret key can recover the encrypted communication without computational difficulty; providing the first entity with first information about the secret key; the first information being less than a full description of the secret key but enough information that the encrypted communication can be recovered with a predetermined level of computational difficulty less than that for the other entitles; providing the first entity with verification information with which the first entity can verify that the first information provided is sufficient for recovery to be achieved within the predetermined level of computational difficulty; wherein the first information provided to the first entity comprises information about a disclosed portion of the secret key, wherein there remains an undisclosed portion of the secret key, and wherein the verification information is used to verify the size of the undisclosed portion and that the disclosed portion is a part of the secret key. - View Dependent Claims (13)
-
-
14. A method of providing different levels of computational difficulty for recovering a public-key encrypted communication, so that a first entity experiences less computational difficulty than other entities, the method comprising the steps of:
-
encrypting the communication using a public key for which there exists a secret key, so that with possession of the secret key the encrypted communication can be recovered without computational difficulty; providing the first entity with first information about the secret key; the first information being less than a full description of the secret key but enough information that the encrypted communication can be recovered with a predetermined level of computational difficulty less than that for the other entities; wherein the first information provided to the first entity comprises information about a disclosed portion of the secret key, and wherein there remains an undisclosed portion of the secret key; wherein the disclosed portion comprises some of the bits of the secret key, the verification information is used to verify that the number of undisclosed bits is small enough to permit recovery to be within the predetermined level of computational difficulty, and that the disclosed bits are part of the secret key.
-
Specification