Key escrow

From Wikipedia, the free encyclopedia

Key escrow (also known as a fair cryptosystem) is an arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party, so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.

Key escrow is controversial in many countries for two reasons: technical mistrust of the security of the escrow arrangement (organizations, public and private, have a long history of inadequately protecting others' information, even when they hold it only under an affirmative legal obligation to protect it from unauthorized access), and mistrust of the entire system even if it functions as designed. Thus far, no key escrow system has been designed which meets both objections, and nearly all have failed to meet even one.

The technical problem is largely structural: access to protected information must be provided only to the intended recipient and at least one third party. The third party should be permitted access only under carefully controlled conditions, for instance a court order. Thus far, no system design has been shown to meet this requirement fully on a technical basis alone. All proposed systems also require the correct functioning of some social linkage, for instance the process of requesting access, the examination of the request for 'legitimacy' (as by a court), and the granting of access by technical personnel charged with access control. All such linkages and controls have serious problems from a system design security perspective.
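The structure described above can be sketched in code. The following is an added illustration, not taken from any real escrow system: a message is encrypted once and its session key is wrapped for both the recipient and an escrow agent, whose release step checks a court order. The names `EscrowAgent`, `sign_order`, `seal` and the MAC-based court order are hypothetical, symmetric keys stand in for the public keys a real scheme would use, and the HMAC keystream is a toy stand-in for a real cipher.

```python
import hashlib, hmac, secrets

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy cipher (HMAC-SHA256 keystream), a stand-in for a real AEAD."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def wrap(kek: bytes, session_key: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    return nonce + xor_stream(kek, nonce, session_key)

def unwrap(kek: bytes, blob: bytes) -> bytes:
    return xor_stream(kek, blob[:16], blob[16:])

def sign_order(court_key: bytes, case_id: str) -> bytes:
    """Hypothetical court order: a MAC over the case id."""
    return hmac.new(court_key, case_id.encode(), hashlib.sha256).digest()

class EscrowAgent:
    def __init__(self, court_key: bytes):
        self.kek = secrets.token_bytes(32)  # key that opens every escrowed copy
        self.court_key = court_key
        self.audit_log = []

    def release(self, escrowed: bytes, case_id: str, order: bytes) -> bytes:
        # The "social linkage": a procedural check in front of the key.
        ok = hmac.compare_digest(sign_order(self.court_key, case_id), order)
        self.audit_log.append((case_id, ok))
        if not ok:
            raise PermissionError("no valid court order for " + case_id)
        return unwrap(self.kek, escrowed)

def seal(message: bytes, recipient_kek: bytes, escrow_kek: bytes) -> dict:
    """Encrypt once; wrap the session key for the recipient and for escrow."""
    session_key, nonce = secrets.token_bytes(32), secrets.token_bytes(16)
    return {"nonce": nonce,
            "ciphertext": xor_stream(session_key, nonce, message),
            "for_recipient": wrap(recipient_kek, session_key),
            "for_escrow": wrap(escrow_kek, session_key)}

def open_with(env: dict, session_key: bytes) -> bytes:
    return xor_stream(session_key, env["nonce"], env["ciphertext"])
```

In this sketch the court-order check and the audit log live only in `release`; whoever holds `agent.kek` can call `unwrap` on the escrowed copy directly and obtain the same session key with no order and no log entry, so the access condition rests on procedure rather than on the cryptography.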

This article was originally based on material from the Free On-line Dictionary of Computing, which is licensed under the GFDL.
