[cryptography] Key escrow 2012

mheyman at gmail.com mheyman at gmail.com
Thu Mar 29 17:48:06 EDT 2012

On Tue, Mar 27, 2012 at 1:17 PM, Nico Williams <nico at cryptonector.com> wrote:
> On Tue, Mar 27, 2012 at 5:18 AM, Darren J Moffat
>> For example an escrow system for ensuring you can decrypt data written by
>> one of your employees on your companies devices when the employee forgets or
>> looses their key material.
> Well, the context was specifically the U.S. government wanting key
> escrow.
Hmm - these are not mutually exclusive.

Back in the mid to late 90s, the last time the U.S. government
required key escrow for international commerce with larger key sizes,
they allowed key escrow systems that were controlled completely by the
company. Specifically, they allowed Trusted Information System's
RecoverKey product (I worked on this one, still have the shirt, and am
not aware of any other similar products available at the time - PGP's
came later and was more onerous to use).

RecoverKey simply wrapped a session key in a corporate public key
appended to the same session key wrapped with the user's public key.
If the U.S. Government wanted access to the data, the only thing they
got was the session key after supplying the key blob and a warrant to
the corporation in question. The U.S. government even allowed us to
sell RecoverKey internationally to corporations that kept their
RecoverKey data recovery centers offshore but agreed to keep them in a
friendly country.
-Michael Heyman

More information about the cryptography mailing list