Security Analysis and Improvement of the Global Key Recovery System

Security Analysis and Improvement of the Global Key Recovery System

Key recovery is a technology that allows the owner of encrypted data or a trusted third party to recover encrypted data, mostly by reconstructing lost decryption key. In [HLG99], Harn et al proposed a Global Key Recovery System (GKRS) that combines the functions of the key recovery authorities and t...

Full description

Saved in:
Bibliographic Details
Main Authors: YANG, Yanjiang, BAO, Feng, DENG, Robert H.
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2002
Subjects:
Safety analysis
Decryption
Public key
Certification
Cryptanalysis
Private key
Fraud
Information Security
Online Access:https://ink.library.smu.edu.sg/sis_research/1102
https://ink.library.smu.edu.sg/context/sis_research/article/2101/viewcontent/Yang2002_Chapter_SecurityAnalysisAndImprovement_pv.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-2101
record_format dspace
spelling sg-smu-ink.sis_research-21012022-02-16T07:04:58Z Security Analysis and Improvement of the Global Key Recovery System YANG, Yanjiang BAO, Feng DENG, Robert H. Key recovery is a technology that allows the owner of encrypted data or a trusted third party to recover encrypted data, mostly by reconstructing lost decryption key. In [HLG99], Harn et al proposed a Global Key Recovery System (GKRS) that combines the functions of the key recovery authorities and the public key certification authorities (CAs). Among other features, user-dominance, i.e., a user is allowed to select his own public-private key pair and especially a public element for verifying the validity of the public-private key pair, is considered extremely important by [HLG99] for wide acceptance of GKRS. In this paper, we attack the RSA version of GKRS by showing that its user-dominant feature and the corresponding key verification scheme employed by the CAs allow for fraud by users against CAs. We then propose an improvement to the original GKRS. The improved system makes the probability of user fraud negligibly small. 2002-07-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/1102 info:doi/10.1007/3-540-45450-0_2 https://ink.library.smu.edu.sg/context/sis_research/article/2101/viewcontent/Yang2002_Chapter_SecurityAnalysisAndImprovement_pv.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Safety analysis Decryption Public key Certification Cryptanalysis Private key Fraud Information Security
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Safety analysis
Decryption
Public key
Certification
Cryptanalysis
Private key
Fraud
Information Security
spellingShingle Safety analysis
Decryption
Public key
Certification
Cryptanalysis
Private key
Fraud
Information Security
YANG, Yanjiang
BAO, Feng
DENG, Robert H.
Security Analysis and Improvement of the Global Key Recovery System
description Key recovery is a technology that allows the owner of encrypted data or a trusted third party to recover encrypted data, mostly by reconstructing lost decryption key. In [HLG99], Harn et al proposed a Global Key Recovery System (GKRS) that combines the functions of the key recovery authorities and the public key certification authorities (CAs). Among other features, user-dominance, i.e., a user is allowed to select his own public-private key pair and especially a public element for verifying the validity of the public-private key pair, is considered extremely important by [HLG99] for wide acceptance of GKRS. In this paper, we attack the RSA version of GKRS by showing that its user-dominant feature and the corresponding key verification scheme employed by the CAs allow for fraud by users against CAs. We then propose an improvement to the original GKRS. The improved system makes the probability of user fraud negligibly small.
format text
author YANG, Yanjiang
BAO, Feng
DENG, Robert H.
author_facet YANG, Yanjiang
BAO, Feng
DENG, Robert H.
author_sort YANG, Yanjiang
title Security Analysis and Improvement of the Global Key Recovery System
title_short Security Analysis and Improvement of the Global Key Recovery System
title_full Security Analysis and Improvement of the Global Key Recovery System
title_fullStr Security Analysis and Improvement of the Global Key Recovery System
title_full_unstemmed Security Analysis and Improvement of the Global Key Recovery System
title_sort security analysis and improvement of the global key recovery system
publisher Institutional Knowledge at Singapore Management University
publishDate 2002
url https://ink.library.smu.edu.sg/sis_research/1102
https://ink.library.smu.edu.sg/context/sis_research/article/2101/viewcontent/Yang2002_Chapter_SecurityAnalysisAndImprovement_pv.pdf
_version_ 1770570855904968704

Similar Items