Democratic Key Escrow Scheme

Cryptography is a dual-edged sword. On the one hand, it allows secure electronic communications by legitimate users. On the other hand, it can be used by criminals to thwart law enforcement efforts and by foreign countries to prevent security agencies from gathering intelligence information about these countries. However, the widespread use of cryptography is critical to the establishment of the Information Superhighway. In order to prevent illegal users from enjoying the same convenience, the most straight forward solution is to escrow every user's private key. Governments' prime concern focuses on law enforcement and national security. However, users' major worries are the security and potential abuses of these systems by the authorities. This is particularly important because, with the explosive growth of the Internet, a user's private key can be used to access a wide range of information about him/her. In recent years, numerous key escrow schemes have been proposed but their success will ultimately depend on the trust and acceptance by users. Unfortunately, all proposed systems suffer from one common weakness: concentration of trust. Even if the private key is split among several trustees, it is still too concentrated and thus too insecure. Another subtle yet equally important weakness is the contradiction to the spirit of democracy. In these schemes, user's fundamental right of privacy is at the mercy of the governments and a few trustees. It is unfair for most legitimate users to hand over their private keys to the authorities (or their agents), even before they have started any electronic communication. Given the fact that governments are strong and users are weak, this is unfair and undemocratic. This thesis proposes a key escrow scheme which is not only secure but also fair and democratic by introducing the concept of "electronic jury" similar to the jury system in the common law. This is a new mechanism to achieve proper balance of power and mutual trust by both users and authorities by distributing the key shares in the hands of electronic jury until they are required for lawful recovery. Publication arising out of this thesis Chor Wall Man, R. Sain.vi-Naini. •'Denu^cratic Key Escrow Scheme," in Second Australasian Conji rence on I iifoi-!;i a I ion Security and Privacy (ACISP'97)^ July 1997, published by Springer-Veriii'i; in the Lectures Notes of Computer vScience series. I hearby declare that I am the sole author of this thesis. I also declare that the material presented within is my own work, except where duly acknowledged, and that I am not aware of any similar work either prior to this thesis, or currently being pursued. I certify that this thesis has not been submitted for a degree in any other university or institution.