What is Key Escrow? [2019]

Key Escrow is an arrangement in which the cryptographic keys needed to decrypt certain data are held in escrow. This essentially means that an organization trusts a third party to store a backup of the cryptographic key in case of either disaster or security breach.


What is the purpose of key escrow?

Maintaining a key escrow prevents organizations or individuals from getting locked out of their encrypted data or files due to a number of circumstances that could cause them to lose their cryptographic key. Some organizations use key escrow services to manage third party access to certain parts of their systems. These third parties could include government organizations, businesses wanting to monitor employee communications, or other groups who may need to view the contents of encrypted communications.

Security Risks of Key Escrow

If you’re trying to keep sensitive information secure, storing a key to access it outside of your organization creates a vulnerability. There is a general distrust of the general structure of escrow, especially for cryptographic keys. If there is a pathway for third parties to access keys, this is another place for hackers to exploit to gain malicious access.

Read More: The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption – Schneier on Security

What is the difference between a key escrow and a recovery agent?

Key Escrow: Key escrow involves storing the cryptographic key itself with a reputable third party. The escrow service provider will be given instructions regarding who should be given access to the key in the event it gets lost.

Recovery Agent: A recovery agent is someone who has been granted access to the specific key within the encryption protocol. An agent may be someone within an organization who is trusted with the information protected by the encryption.

What is key recovery?

Key recovery is the process of searching through a cryptographic system to recover the keys of an encryption scheme. Many systems have built-in key recovery functions that allow approved parties to recover a key in the event that they lose it. Recovering keys lost due to disaster or system malfunction is simple if the system has been set up with a key recovery entry.

A properly setup key recovery system allows systems to bypass the risks associated with key escrow.

Along with key recovery comes key recovery attacks, in which hackers try to discover the key to decrypt contents of a given system. The most obvious method that malicious actors use to obtain a key is through an “exhaustive key-search attack”. This is like a brute force attack targeted at the encryption key itself. Because most modern ciphers have a 128-bit or greater key size, these attacks are theoretically infeasible.

What is a key recovery agent?

A key recovery agent is a person who is authorized to recover a certificate on behalf of an end user. Ideally, only highly-trusted individuals should be assigned to this role. Key recovery agents are granted access via the Key Recovery Agent certificate.

The recovery agent will typically enroll for a certificate and must be added to the certificate authority prior to being granted access.

Key Escrow Services

There are companies that offer key escrow services to store an organizations keys in a secure, protected format. Whether an organization needs their key for disaster recovery or legally mandated key recovery requirements, key escrow services will store and manage access to cryptographic keys. Organizations may use these services to ensure its own control of its keys, without being help captive by a specific manufacturer or technology.

Read More