High-availability decentralized cryptographic multi-agent key recovery

This paper proposes two versions for the implementation of a novel High-Availability Decentralized cryptographic Multi-agent Key Recovery System (HADM-KRS) that do not require a key recovery centre: HADM-KRSv1 and HADM-KRSv2. They have been enhanced from our previous work and entirely comply with the latest key recovery system in the National Institute of Standards and Technologies (NIST's) framework. System administrators can specify the minimum number of Key Recovery Agents (KRAs) according to security policies and requirements while maintaining compliance with legal requirements. This feature is achieved by applying the concept of secret sharing and power set to distribute the session key to participating KRAs. It uses the principle of secure session key management with an appropriate design of key recovery function. The system is designed to achieve high availability despite the failure of some KRAs. The performance evaluation results show that the proposed systems incur little processing times. They provide a security platform with good performance, fault tolerance, and robustness in terms of secrecy and availability.