Two-phase cryptographic key recovery system
Abstract
A cryptographic key recovery system that operates in two phases. In the first phase, the sender establishes a secret value with the receiver. For each key recovery agent, the sender generates a key-generating value as a one-way function of the secret value and encrypts the key-generating value with a public key of the key recovery agent. In the second phase, performed for a particular cryptographic session, the sender generates for each key recovery agent a key-encrypting key as a one-way function of the corresponding key-generating value and multiply encrypts the session key with the key-encrypting keys of the key recovery agents. The encrypted key-generating values and the multiply encrypted session key are transmitted together with other recovery information in a manner permitting their interception by a party seeking to recover the secret value. To recover the secret value, the party seeking recovery presents the encrypted key-generating values and public recovery information to the key recovery agents, who decrypt the key-generating values, regenerate the key-encrypting keys from the corresponding key-generating values, and provide the regenerated key-encrypting keys to the recovering party. The recovering party uses the key-encrypting keys to recover the secret value. Since the key-generating values cannot be derived from the key-encrypting keys, they may be used over a period spanning multiple cryptographic sessions without requiring new values or new public key encryptions.
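
The two phases described in the abstract, as an added sketch that is not code from the patent. The names `H`, `wrap`, `Agent`, `phase1`, `phase2` and `recover`, the SHA-256 derivations, the XOR-pad cipher and the textbook RSA on small Mersenne primes are assumptions, toy stand-ins chosen so the flow runs with only the standard library.

```python
import hashlib

def H(label: bytes, *parts: bytes) -> bytes:
    """One-way function (assumed here: SHA-256 over length-prefixed inputs)."""
    h = hashlib.sha256(label)
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

def wrap(kk: bytes, data: bytes) -> bytes:
    """Toy self-inverse cipher: XOR data (<= 32 bytes) with a pad derived from kk."""
    return bytes(a ^ b for a, b in zip(data, H(b"pad", kk)))

class Agent:
    """Key recovery agent; textbook RSA on Mersenne primes stands in for real PKE."""
    def __init__(self, name: str, p: int, q: int, e: int = 65537):
        self.name, self.n, self.e = name, p * q, e
        self._d = pow(e, -1, (p - 1) * (q - 1))   # private exponent

    def encrypt_to(self, kg: bytes) -> int:
        """Public operation: anyone can encrypt a 16-byte KG to this agent."""
        return pow(int.from_bytes(kg, "big"), self.e, self.n)

    def release_kk(self, enc_kg: int, session_info: bytes) -> bytes:
        # The agent decrypts KG but hands out only the one-way derived KK,
        # so KG stays usable for later sessions.
        kg = pow(enc_kg, self._d, self.n).to_bytes(16, "big")
        return H(b"KK", kg, session_info)

def phase1(secret: bytes, agents):
    """Once per secret: derive a KG per agent and encrypt it to that agent."""
    kgs = [H(b"KG", secret, a.name.encode())[:16] for a in agents]
    return kgs, [a.encrypt_to(kg) for a, kg in zip(agents, kgs)]

def phase2(kgs, session_info: bytes, session_key: bytes) -> bytes:
    """Per session: derive each KK from its KG and multiply encrypt the key."""
    for kg in kgs:
        session_key = wrap(H(b"KK", kg, session_info), session_key)
    return session_key

def recover(agents, enc_kgs, session_info: bytes, blob: bytes) -> bytes:
    """Recovering party: obtain the KKs from the agents and strip the layers."""
    for agent, enc_kg in reversed(list(zip(agents, enc_kgs))):
        blob = wrap(agent.release_kk(enc_kg, session_info), blob)
    return blob

# Constructed sample agents (hypothetical names, toy key sizes).
AGENTS = [Agent("agent-1", 2**127 - 1, 2**89 - 1),
          Agent("agent-2", 2**107 - 1, 2**61 - 1)]
```

Phase 1 runs once; every later session calls only `phase2`, which is hashing and symmetric wrapping with no new public-key encryption.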
54 Claims

1. A method of providing for the recovery of a secret value using a key recovery agent, comprising the steps of:
- creating a generator value for said key recovery agent;
- making said generator value available to said key recovery agent;
- generating an encryption key as a one-way function of said generator value; and
- encrypting said secret value with said encryption key to generate an encrypted secret value, said secret value being recoverable from said encrypted secret value by having said key recovery agent generate said encryption key as said one-way function of said generator value and decrypting said encrypted secret value with said encryption key.
Dependent claims: 2-16.

17. A method comprising the steps of:
a) providing a secret value to a trustee; and
b) upon a predetermined request, having said trustee calculate a dependent value from at least said secret value and provide said calculated dependent value to a requesting party.
Dependent claims: 18-30.

31. A method of encrypting a plaintext block using an encryption key, comprising the steps of:
a) partitioning said plaintext block into first and second parts;
b) subjecting said plaintext block to a plurality of iterations in which said first and second parts are processed as input parts to produce first and second output parts, each of said iterations comprising the steps of:
   (1) combining one of said input parts with said key to produce a composite part;
   (2) generating a hash of said composite part;
   (3) combining said hash of said composite part with the other of said input parts to produce one of said output parts; and
   (4) producing the other of said output parts from the other of said input parts; and
c) combining the output parts produced by the last of said iterations to produce an encrypted plaintext block.
Dependent claims: 32-38.
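
The iteration in claim 31, read as a Feistel-style round built on a hash, can be run backwards even though the hash itself cannot be inverted. This is an added example, not code from the patent: it reads step (4) as carrying the hashed input part through unchanged, and SHAKE-256, the round index in the composite, XOR as the combining operation and the four-round default are assumptions.

```python
import hashlib

def _mask(key: bytes, rnd: int, part: bytes, n: int) -> bytes:
    # Steps (1)-(2): composite = key || round index || part, hashed to n bytes.
    # The round index is an assumption so that each round uses a distinct function.
    return hashlib.shake_256(key + bytes([rnd]) + part).digest(n)

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _split(block: bytes):
    # Step a): partition the block into two equal parts.
    if len(block) < 2 or len(block) % 2:
        raise ValueError("block must have an even, non-zero length")
    half = len(block) // 2
    return block[:half], block[half:]

def encrypt_block(key: bytes, block: bytes, rounds: int = 4) -> bytes:
    left, right = _split(block)
    for rnd in range(rounds):
        # Step (3): hash of (key, right) is combined with left.
        # Step (4): right is carried through as the other output part.
        left, right = right, _xor(left, _mask(key, rnd, right, len(left)))
    return left + right          # step c): recombine the output parts

def decrypt_block(key: bytes, block: bytes, rounds: int = 4) -> bytes:
    left, right = _split(block)
    for rnd in reversed(range(rounds)):
        # The carried-through part is still visible, so its mask can be
        # recomputed and XORed off; the hash never has to be inverted.
        left, right = _xor(right, _mask(key, rnd, left, len(left))), left
    return left + right
```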

39. In a cryptographic recovery system in which a user encrypts a recovery value using a public recovery key and provides the encrypted recovery value to a recovery agent, said recovery agent being able to recover said recovery value from said encrypted recovery value using a private recovery key corresponding to said public recovery key, a method of establishing said public and private recovery keys for said user and said recovery agent, comprising the steps of:
- generating for said user a recovery key pair comprising a public recovery key and a corresponding private recovery key;
- transmitting said recovery key pair in a secure manner from said user to said recovery agent.
Dependent claims: 40-48.

49. A method for operating a cryptographic system so as to permit a recovery agent to selectively reveal secret information to an applicant, comprising the steps of:
- deriving a second secret value from a first secret value;
- combining said second secret value with authorization information and calculating a first hash value on the combination; and
- providing said authorization information, said first hash value, and said first secret value to said recovery agent for use in recovering said secret information.
Dependent claims: 50-52.

53. Apparatus for providing for the recovery of a secret value using a key recovery agent, comprising:
- means for creating a generator value for said key recovery agent;
- means for making said generator value available to said key recovery agent;
- means for generating an encryption key as a one-way function of said generator value; and
- means for encrypting said secret value with said encryption key to generate an encrypted secret value, said secret value being recoverable from said encrypted secret value by having said key recovery agent generate said encryption key as said one-way function of said generator value and decrypting said encrypted secret value with said encryption key.

54. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform method steps for providing for the recovery of a secret value using a key recovery agent, said method steps comprising:
- creating a generator value for said key recovery agent;
- making said generator value available to said key recovery agent;
- generating an encryption key as a one-way function of said generator value; and
- encrypting said secret value with said encryption key to generate an encrypted secret value, said secret value being recoverable from said encrypted secret value by having said key recovery agent generate said encryption key as said one-way function of said generator value and decrypting said encrypted secret value with said encryption key.

Specification