Recoverable Encryption through a Noised Secret over a Large Cloud

  • Sushil Jajodia
  • Witold Litwin
  • Thomas Schwarz SJ
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7980)


The safety of keys is the Achilles’ heel of cryptography. A key backup at an escrow service lowers the risk of loosing the key, but increases the danger of key disclosure. We propose Recoverable Encryption (RE) schemes that alleviate the dilemma. RE encrypts a backup of the key in a manner that restricts practical recovery by an escrow service to one using a large cloud. For example, a cloud with ten thousand nodes could recover a key in at most 10 minutes with an average recovery time of five minutes. A recovery attempt at the escrow agency, using a small cluster, would require seventy days with an average of thirty five days. Large clouds have become available even to private persons, but their pay-for-use structure makes their use for illegal purposes too dangerous. We show the feaibility of two RE schemes and give conditions for their deployment.


Cloud Computing Recoverable Encryption Key Escrow Privacy 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [AAB+97]
    Abelson, H., Anderson, R., Bellovin, S.M., Benaloh, J., Blaze, M., Diffie, W., Gilmore, J., Neumann, P.G., Rivest, R.L., Schiller, J.I., Schneier, B.: The risks of key recovery, key escrow, and trusted third-party encryption. World Wide Web Journal 2(3), 241–257 (1997)Google Scholar
  2. [AHR+05]
    Andrews, R.F., Huang, Z., Ruan, T.Q.X., et al.: Method and system of securely escrowing private keys in a public key infrastructure. US Patent 6,931,133 (August 2005)Google Scholar
  3. [AMK+01]
    Ando, H., Morita, I., Kuroda, Y., Torii, N., Yamazaki, M., Miyauchi, H., Sako, K., Domyo, S., Tsuchiya, H., Kanno, S., et al.: Key recovery system. US Patent 6,185,308 (February 6, 2001)Google Scholar
  4. [AMR+11]
    Abiteboul, S., Manolescu, I., Rigaux, P., Rousset, M.C., Senellart, P.: Web data management. Cambridge University Press (2011)Google Scholar
  5. [BG97]
    Bellare, M., Goldwasser, S.: Verifiable partial key escrow. In: Proceedings of the 4th ACM Conference on Computer and Communications Security, pp. 78–91. ACM (1997)Google Scholar
  6. [Bla11]
    Blaze, M.: Key escrow from a safe distance: looking back at the clipper chip. In: Proceedings of the 27th Annual Computer Security Applications Conference, pp. 317–321. ACM (2011)Google Scholar
  7. [BM03]
    Blömer, J., May, A.: New partial key exposure attacks on RSA. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 27–43. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  8. [CG02]
    Chandersekaran, S., Gupta, S.: Framework-based cryptographic key recovery system. US Patent 6,335,972 (January 1, 2002)Google Scholar
  9. [Cha11]
    Chandrasekhar, S.: Construction of Efficient Authentication Schemes Using Trapdoor Hash Functions. PhD thesis, University of Kentucky (2011)Google Scholar
  10. [CMMV05]
    Chandersekaran, S., Malik, S., Muresan, M., Vasudevan, N.: Apparatus, method, and computer program product for achieving interoperability between cryptographic key recovery enabled and unaware systems. US Patent 6,877,092 (April 5, 2005)Google Scholar
  11. [CS11]
    Chatterjee, S., Sarkar, P.: Avoiding key escrow. In: Identity-Based Encryption, pp. 155–161. Springer (2011)Google Scholar
  12. [DB96]
    Denning, D.E., Branstad, D.K.: A taxonomy for key escrow encryption systems. Communications of the ACM 39(3), 35 (1996)CrossRefGoogle Scholar
  13. [DB97]
    Denning, D.E., Branstad, D.K.: A taxonomy for key escrow encryption systems (1997),
  14. [DBJ96]
    Denning, D.E., Baugh Jr., W.E.: Key escrow encryption policies and technologies. Villanova Law Review 41, 289 (1996)Google Scholar
  15. [DN93]
    Dwork, C., Naor, M.: Pricing via processing or combatting junk mail. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 139–147. Springer, Heidelberg (1993)CrossRefGoogle Scholar
  16. [DP12]
    D’Souza, R.P., Pandey, O.: Cloud key escrow system. US Patent 20,120,321,086 (December 20, 2012)Google Scholar
  17. [EJMDW05]
    Ernst, M., Jochemsz, E., May, A., de Weger, B.: Partial key exposure attacks on RSA up to full size exponents. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 371–386. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  18. [FZZ12]
    Fan, Q., Zhang, M., Zhang, Y.: Key escrow attack risk and preventive measures. Research Journal of Applied Sciences 4 (2012)Google Scholar
  19. [GKM+97]
    Gennaro, R., Karger, P., Matyas, S., Peyravian, M., Roginsky, A., Safford, D., Willett, M., Zunic, N.: Two-phase cryptographic key recovery system. Computers & Security 16(6), 481–506 (1997)CrossRefGoogle Scholar
  20. [Gup00]
    Gupta, S.: A common key recovery block format: Promoting interoperability between dissimilar key recovery mechanisms. Computers & Security 19(1), 41–47 (2000)CrossRefGoogle Scholar
  21. [JKKJ+00]
    Johnson, D.B., Karger, P.A., Kaufman Jr., C.W., Matyas Jr., S.M., Safford, D.R., Yung, M.M., Zunic, N.: Interoperable cryptographic key recovery system with verification by comparison. US Patent 6,052,469 (April 18, 2000)Google Scholar
  22. [JLS10]
    Jajodia, S., Litwin, W., Schwarz, T.: LH*RE: A scalable distributed data structure with recoverable encryption. In: CLOUD 2010: Proceedings of the 2010 IEEE 3rd International Conference on Cloud Computing, pp. 354–361. IEEE Computer Society, Washington, DC (2010)Google Scholar
  23. [KO12]
    Komura, Y., Okabe, Y.: Gpu-based single-cluster algorithm for the simulation of the ising model. Journal of Computational Physics 231(4), 1209–1215 (2012)MathSciNetzbMATHCrossRefGoogle Scholar
  24. [KRS+12]
    Kuppusamy, L., Rangasamy, J., Stebila, D., Boyd, C., Nieto, J.G.: Practical client puzzles in the standard model. In: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2012. ACM, New York (2012)Google Scholar
  25. [LJS11]
    Litwin, W., Jajodia, S., Schwarz, T.: Privacy of data outsourced to a cloud for selected readers through client-side encryption. In: WPES 2011: Proceedings of the 10th Annual ACM Workshop on Privacy in the Electronic Society, pp. 171–176. ACM, New York (2011)Google Scholar
  26. [LNS96]
    Litwin, W., Neimat, M.A., Schneider, D.A.: Lh* – a scalable, distributed data structure. ACM Transactions on Database Systems (TODS) 21(4), 480–525 (1996)Google Scholar
  27. [MA96]
    McConnell, B.W., Appel, E.J.: Enabling privacy, commerce, security and public safety in the global information infrastructure. Office of Management and Budget, Interagency Working Group on Cryptography Policy, Washington, DC (1996)Google Scholar
  28. [MLFR02]
    Miller, E.L., Long, D.D.E., Freeman, W.E., Reed, B.C.: Strong security for network-attached storage. In: Proceedings of the 1st USENIX Conference on File and Storage Technologies, p. 1. USENIX Association (2002)Google Scholar
  29. [OHL+08]
    Owens, J.D., Houston, M., Luebke, D., Green, S., Stone, J.E., Phillips, J.C.: Gpu computing. Proceedings of the IEEE 96(5), 879–899 (2008)CrossRefGoogle Scholar
  30. [RSW96]
    Rivest, R.L., Shamir, A., Wagner, D.A.: Time-lock puzzles and timed-release crypto. Technical report, Massachusetts Institute of Technology, Cambridge, MA, USA (1996)Google Scholar
  31. [Sha79]
    Shamir, A.: How to share a secret. Communications of the ACM 22(11), 612–613 (1979)MathSciNetzbMATHCrossRefGoogle Scholar
  32. [Sin95]
    Singhal, A.: The piracy of privacy-a fourth amendment analysis of key escrow cryptography. Stanford Law and Policy Review 7, 189 (1995)Google Scholar
  33. [SL10]
    Schwarz, T., Long, D.D.E.: Clasas: a key-store for the cloud. In: 2010 IEEE International Symposium on Modeling, Analysis & Simulation of Computer and Telecommunication Systems (MASCOTS), pp. 267–276. IEEE (2010)Google Scholar
  34. [VvT97]
    Verheul, E.R., van Tilborg, H.C.A.: Binding ElGamal: A fraud-detectable alternative to key-escrow proposals. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 119–133. Springer, Heidelberg (1997)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Sushil Jajodia
    • 1
  • Witold Litwin
    • 2
  • Thomas Schwarz SJ
    • 3
  1. 1.George Mason UniversityFairfaxUSA
  2. 2.LAMSADEUniversité Paris DauphineParisFrance
  3. 3.Universidad Católica del UruguayMontevideoUruguay

Personalised recommendations