Secure and Flexible Multiple-Agent Key Recovery System

Main Article Content

กนกวรรณ กันยะมี
จันทร์บูรณ์ สถิตวิริยวงศ์


- Cryptography helps strengthen security and privacy of data network activities.Symmetric cryptography uses the same session key for both message encryption and decryption. In case the session key is uavailable or legal investigation of transmitting messages is needed, an ap propriate recovery mechanism is required. This paper presents a Secure and Flexible Multiple-Agent Key Recovery System called SFM-KRS. It provides high secrecy of session key and high flexibility to manage the minimum number of key recovery agents (KRAs) for successful key recovery according to security policies and requirements. The key recovery process is appropriately designed using the concept of secret splitting. Since the session key can be recovered despite the failure of some key recovery agents, the problem of single point of failure can be avoided. Finally, it supports law enforcement needs and is based on the Public Key Infrastructure (PKI).

Article Details

How to Cite
กันยะมี ก. and สถิตวิริยวงศ์ จ., “Secure and Flexible Multiple-Agent Key Recovery System”, JIST, vol. 1, no. 2, pp. 17–24, Dec. 2010.
Research Article: Soft Computing (Detail in Scope of Journal)


1. D.E. Denning, “The US Key Escrow Encryption Technology,” Computer Communications. Vol. 17, No. 7, pp. 453-457, July 1994.

2. S.T. Walker, S.B. Lipner, C.M. Ellison and D.M. Balenson, “Commercial Key Recovery”, Communications of the ACM, Vo1. 39, No. 3, pp. 41-47, March 1996.

3. Y.Y. Al-Salqan, “Cryptographic Key Recovery”, the 6th IEEE Computer Society Workshop on Future Trends of Distributed Computing Systems. October 1997, pp. 34-37.

4. B.W. McConnell, E.J: Appel, Enabling Privacy, Commerce, Security and Public Safety in the Global Information Infrastructure. (1996). Accessed 30 September 2009.

5. Yung-Cheng Lee and Chi-Sung Laih, “On the Key Recovery of the Key Escrow System”, the 13th Annual Computer Security Applications Conference. December 1997, pp. 216-220.

6. S. Lim, S. Kang, and J. Sohn, “Modeling of Multiple Agent Based Cryptographic Key Recovery Protocol”, the 19th Annual Computer Security Applications Conference, Las Vegas, December 2003, pp. 119-128.

7. Shin-Young Lim, Ho-Sang Hani, Myoung-Jun Kim and Tai-Yun Kim, “Design of Key Recovery System Using Multiple Agent Technology for Electronic Commerce”, Proc. International Symposium On Industrial Electronics 2001, pp. 1351-1356.

8. D.E. Denning and D.K. Branstad, A Taxonomy for Key Recovery Encryption Systems. Internet Besieged: Countering Cyberspace Scofflaws, 1998.

9. K. Kanyamee and C. Sathitwiriyawong, “A Simple High- Availability Multiple-Agent Key Recovery System”, the 4th International Conference for Internet Technology and Secured Transactions. London, 2010, pp. 734-739.

10. R. Perlman, “An Overview of PKI Trust Models,” IEEE Network. Vol. 13, Issue 6, pp. 38-43, November 1999.

11. Paolo D'Arco, “On the Distribution of a Key Distribution Center”, the 7th Italian Conference on Theoretical Computer Science. 2001, pp. 357-369.

12. Neuman, B.C. and Ts'o, T, “Kerberos: an Authentication Service for Computer Networks”, Communications Magazine of the IEEE, Vol. 32, pp. 32-38, September 1994.

13. Bruce Schneier, Applied Cryptography, New York. NY, John Wiley & Sons, 1996.