Cryptography – Key management – Key escrow or recovery
Reexamination Certificate
1997-10-30
2002-11-19
Barron, Gilberto (Department: 2132)
Cryptography
Key management
Key escrow or recovery
Reexamination Certificate
active
06483920
ABSTRACT:
DESCRIPTION OF RELATED ART
The present invention relates to a key recovery process used for strong encryption of a message sent by an entity, which message is either to be stored locally or transmitted to another entity, the reading of a message requiring a decryption key supplied to at least one trusted third party for key recovery, while the message comprises a compulsory control field which itself comprises a key recovery field for allowing a trusted third party to supply the decryption information that enables the encrypted message to be read.
First of all, it is noted that it is conventionally accepted that an encryption is considered to be strong when its decryption cannot be achieved within a reasonable amount of time without using the key.
Generally, the constant progress in the computerization field results in an increasingly immediate need when it comes to the protection of information. At present, computer security is an integral part of the thorny problems to be solved in this field. Thus, among other things, a problem arises when it is desirable to use encryption techniques to effectively protect sensitive information. In effect, in many countries, the dissemination of encrypted information through public networks is subject to authorization on a case-by-case basis, whereas the need to use such techniques is genuinely felt. The current tendency of international governmental authorities, however, is to authorize anyone to use strong encryption. In exchange for this authorization, the national authorities intend to retain the right of inspection, that is to have the capability to decrypt such communications.
With this type of technique, the stored or transmitted message can only be decrypted when the decryption key used is known. The specific object or technical problem in this case is to make the decryption key known to a predetermined key recovery authority, an authority hereinafter called a “trusted third party” for key recovery. Two techniques are generally used for this purpose.
The first technique consists of depositing a long-term decryption key which will be used to decrypt the working keys or decryption keys. Decryption hardware or software (hereinafter, for the sake of simplification and conciseness, indicated by “decryption hardware/software”) then in turn uses this key to decrypt the decryption keys of a message, and thus any person wishing to decrypt the message must possess the copy of this key. This technique has proven effective and practical, for example within a single country, but has serious drawbacks relative to security when the communication is international and/or when an authority of one of the countries in question wishes to eavesdrop on and understand a message sent in one of the countries in question by a person under suspicion. In effect, one country's trusted third party for key recovery is obligated to request another country's trusted third party for key recovery, or the person possessing the copy of the key, [to supply it to it] in order to be able to decrypt the message. In the case where the latter agrees, which is a first restriction, on one hand the eavesdropping is “granted” to the other country's trusted third party for key recovery when this type of intervention is supposed to be discreet and even confidential, and on the other hand, a significant time loss is inevitably caused in obtaining the copy of the key, which is completely inopportune since the message must be understood quickly when it is desirable to act fast with regard to the suspected person before the latter can escape or disappear. Therefore, this technique has substantial limitations for use at an international level due to the counterpart required by the international governmental authorities in authorizing this type of communication, unless the governments involved subscribe to reciprocity agreements, which in this field is not always, in fact rarely, desirable.
The second technique consists not of leaving a long-term decryption key but of allowing the trusted third party for key recovery to decrypt of the decryption key, and hence the encryption key of the message, whether this key is an asymmetric key or a symmetric key. For this purpose, two supplementary fields are added into the message, hereinafter called a compensation field and a compulsory control field, which itself comprises, among other information, at least one field intended for the recovery of the key by an authorized key keeper, hereinafter called a “trusted third party” for key recovery. Thus, in the particular case where a saved encrypted message is stored locally, for example on a disk, only one trusted third party for key recovery is involved, and therefore only one key recovery field is necessary. On the other hand, in the more general case of the transmission of a message between two users, or more generally between two communicating entities, two key recovery fields are necessary, since two trusted third parties for key recovery are involved, that of the country of the sender of the message and that of the country of the recipient of the message. Thus, an international conversation between two interlocutors of country A and country B, respectively, can be eavesdropped on, if this eavesdropping is authorized, by the appropriate intercepting authorities of country A and country B, respectively, without ever being subject to eavesdropping by the authorities of any other country. Consequently, when an eavesdropping is legally authorized, the first key recovery field of the compulsory control field allows eavesdropping by the approved authority of country A, while the second key recovery field allows eavesdropping by the approved authority of country B. These two approved authorities can either be national authorities based in the countries where the communicating entities are physically located, or national authorities of the same nationality as that of the communicating entities. In fact, in order to allow the decryption, one of these two key recovery fields present in the message is first delivered to a trusted third party for key recovery, then the decryption key is delivered by this trusted third party to the national authority, thus allowing it to decrypt the message in its entirety. Currently, it is expected for each country to approve a certain number of trusted third parties for key recovery who are nationals, each of whom is preferably specific to one field, and thus it is the trusted third party approved by a governmental authority that controls and allows the decryption and not the governmental authority directly. A technique of this type is described in the brochure entitled “Commercial Key Escrow (CKE, a trademark of Trusted Information Systems, Inc.): The Path to Global Information Security.” This second technique, however, also has a certain number of drawbacks. A first serious drawback is inherent in the fact that it is impossible to notice, in any simple way, that an attempted fraud has been perpetrated by modifying the compulsory control field or modifying the decryption hardware/software. Moreover, this technique does not make it possible to supply in advance daily decryption keys that are usable within, and only within, a predetermined time period, which is a second notable drawback relative to security. Finally, another drawback exists in the fact that the communicating entities are not identified, which does not make it possible to easily distinguish between legal or illegal eavesdropping.
SUMMARY OF THE INVENTION
The object of the present invention is to eliminate the various drawbacks of the different known techniques of the prior art, and to propose a key recovery process that is effective and easy to use, which makes it possible to detect any modification, however minimal, of the compulsory control field, and which allows the provision, even in advance, of daily decryption keys usable only within a predetermined time period.
FIGS. 1 and 2
, illustrate the steps of the key recovery process used for strong encryption of a message (M) accordi
Barron Gilberto
Bull S.A.
Kondracki Edward J.
Meislahn Douglas J
Miles & Stockbridge P.C.
LandOfFree
Key recovery process used for strong encryption of messages does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Key recovery process used for strong encryption of messages, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Key recovery process used for strong encryption of messages will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2939820