We show how to configure cloud-based file transmission service that uses IBE and is free from the
key escrow problem.
We propose a new approach to solving
key escrow problem for Point-to-Multipoint Identity-based Broadcast Encryption (P2MIBBE), what we call Augmented Broadcaster Identity-based Broadcast Encryption (AB-IBBE).
Through CESA, the government renewed its support for
key escrow and governmental access to decryption keys, the policy heavily criticized when embodied in the Clipper Chip.(118) The privacy concerns raised by activist groups to the three Clipper proposals still bear relevance to CESA, but they have been overshadowed to a certain extent by jubilant industry reaction to the loosened export regulations.
Five years should allow sufficient time to formulate and implement the rules, as well as to develop and market new
key escrow technology.
The terms "
key escrow" and "key recovery" refer to the processes of securing the private key portion of a public key system in a location that can be accessed by third parties, or having a system in place that recovers the private key.(27) The third parties are commonly either business organizations who need access to an employee's file if that employee's private key became unavailable, or law enforcement agencies acting under court order to obtain encrypted messages considered to be criminal.(28)
Since KGC does not know any user's private key, CL-PKC overcomes the
key escrow problem inherent in IBC.
Cullinan added that the speculation was ironic since Microsoft has consistently opposed the various
key escrow proposals suggested by the government "because we don't believe they are good for consumers, the industry or national security."
On the subject of
key escrow, which would provide security services with a back-door to confidential communications, the report said: "We can see no benefits arising from Government promotion of
key escrow or key recovery technology."
"A variety of 'key recovery,"
key escrow,' and 'trusted third-party' encryption requirements have been suggested in recent years by government agencies seeking to conduct covert surveillance within the changing environments brought about by new technologies.
As a result, the certificate management burden is removed but it suffers from the
key escrow problem.
"It is maintained and safeguarded by Microsoft, and we have not shared this key with the NSA or any other party," it said, "Microsoft has consistently opposed the various
key escrow proposals suggested by the government because we don't believe they are good for consumers, the industry or national security."