Abstract: A method and apparatus for ensuring that a key recovery-enabled (KR-enabled) system communicating with a non-KR-enabled system in a cryptographic communication system transmits the information necessary to permit key recovery by a key recovery entity. In a first embodiment, data is encrypted under a second key K that is generated as a one-way function of a first key K′ and a key recovery block KRB generated on the first key K′. The key recovery block KRB and the encrypted data e(K, data) are transmitted to the receiver, who cannot decrypt the data without regenerating the second key K from the first key K′ and the key recovery block KRB. In a second embodiment, data is encrypted under a second key K that is generated independently of the first key K′. A third key X, generated as a one-way function of the first key K′ and a key recovery block KRB generated on the second key K, is used to encrypt the XOR product Y of the first and second keys K′, K.

Abstract: A Secure Key Management Framework (SKMF) defines an infrastructure for a complete set of cryptographic services augmented with key recovery enablement. There are three major layers—the application layer invokes the SKMF layer, while the SKMF layer invokes the service provider (SP) layer. The application layer code invokes the cryptographic API and key-recovery API supported by the SKMF. Multiple key recovery mechanisms and cryptographic mechanisms can be implemented as service providers that log-in underneath the framework using the well-defined service provider interfaces provided by the framework. The SKMF implements the supported ATP calls by making appropriate invocations of the service provider modules using the SPIs.

Abstract: In a cryptographic communications system, a method and apparatus for allowing a sender of encrypted data to demonstrate to a receiver its ability to correctly generate key recovery information that is transmitted along with the encrypted data and from which law enforcement agents or others may recover the original encryption key. Initially, the sender generates a key pair comprising a private signature key and a corresponding public verification key and sends the latter to a key recovery validation service (KRVS). Upon a satisfactory demonstration by the sender of its ability to correctly generate key recovery information, the KRVS generates a certificate certifying the public verification key and the ability of the sender to correctly generate key recovery information. The sender uses its private signature key to generate a digital signature on the key recovery information, which is sent along with the key recovery information and encrypted data to the receiver.

Abstract: The present invention provides a penetration-analysis method, which (1) provides a systematic approach to penetration analysis, (2) enables the verification of penetration-resistance properties, and (3) is amenable to automation. An Automated Penetration Analysis (APA) tool is provided, to support the penetration analysis method. The penetration-analysis system and method is based on a theory of penetration-resistant computer systems, a model of penetration analysis, and a unified representation of penetration patterns. The theory consists of the Hypothesis of Penetration-Resistant Systems and a set of design properties that characterize resistance to penetration. The penetration-analysis model defines a set of states, a state-invariant for penetration resistance, and a set of rules that can be applied for analyzing the penetration vulnerability of a system.