Enhancing Data and Communication Security with Key Recovery Technology
Article Sidebar
Main Article Content
Abstract
In the digital era, network-based communication has become a cornerstone of diverse human and societal activities. This evolution has brought to the forefront the critical importance of information security and communication reliability. To protect sensitive data from threats that could compromise its integrity and availability, Key Recovery Technology (KRT) plays a pivotal role in enhancing trust and resilience in digital communication systems. It is particularly essential in cases where secret keys used for data encryption are lost or become unusable, which can result in a complete loss of access to encrypted information. Such incidents may result in significant damage at individual, organizational, and infrastructural levels, including the loss of business-critical evidence, breaches of personal data, or the disruption of essential public services. KRT enables the recovery of secret keys in a secure and privacy-preserving manner, ensuring that data remains accessible without violating user confidentiality. Moreover, this technology supports compliance with legal and regulatory frameworks by allowing authorized access to data under investigation, ensuring transparency and accountability while preventing unauthorized access. Therefore, KRT serves as a key enabler of robust information security, supporting business continuity and fostering sustainable trust in the digital ecosystem by upholding the principles of confidentiality, integrity, and user privacy.
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
- Content and information in articles published in NKRAFA Journal of Science and Technology are comment and responsibility of authors of articles directly. Journal editorial do no need to agree or share any responsibility.
- NKRAFA Journal of Science and Technology Articles holds the copyright of the content, pictures, images etc. which published in it. If any person or agency require to reuse all or some part of articles, the permission must be obtained from the NKRAFA Journal of Science and Technology.
References
W. Stallings, Cryptography and Network Security Principles & Practice, 8th ed. Pearson, 2023.
กนกวรรณ กันยะมี และ จำรูญ จันทร์กุญชร, "การเพิ่มความมั่นคงในการบริหารจัดการกุญแจลับสำหรับการกู้คืนกุญแจแบบหลายเอเจนต์ที่อาศัยศูนย์กลางในการกู้คืนกุญแจ," วารสารวิชาการมหาวิทยาลัยอีสเทิร์นเอเชีย ฉบับวิทยาศาสตร์และเทคโนโลยี, ปีที่ 18, ฉบับที่ 2, หน้า 171-183, พฤษภาคม-สิงหาคม, 2567.
National Institute of Standards and Technology, "Requirements for Key Recovery Products." [Online]. Available: https://csrc.nist.rip/tacdfipsfkmi/finalrpt.pdf (Accessed: June 10, 2024).
W. Stallings, Cryptography and Network Security: Principles and Practice, 7th ed. Boston, MA, USA: Pearson Education, 2017.
National Institute of Standards and Technology (NIST), NIST Cybersecurity Practice Guide: Data Integrity – Detecting and Responding to Ransomware and Other Destructive Events, NIST Special Publication 1800-26, Gaithersburg, MD, USA, 2020.
D. E. Denning, "The US Key Escrow Encryption Technology," Computer Communications, vol. 17, no. 7, pp. 453-457, July, 1994.
M. Blaze, "Protocol Failure in the Escrowed Encryption Standard," in 2nd ACM Conference on Computer and Communications Security, Fairfax Virginia USA, 1994, pp. 59-67.
H. S. Dakoff, "The Clipper Chip Proposal: Deciphering the Unfounded Fears That Are Wrongfully Derailing Its Implementation," John Marshall Law Review, vol. 29, no. 2, pp. 475–530, 1996.
A. Shamir, “How to share a secret,” Communications of the ACM, vol. 22, no. 11, pp. 612–613, November, 1979.
S. Lim, S. Kang, and J. Sohn, "Modeling of multiple agent based cryptographic key recovery protocol," in 19th Annual Computer Security Applications Conference, Las Vegas, NV, USA, 2003, pp. 119-128.
S. Han, S. Liu, and D. Gu, "Key encapsulation mechanism with tight enhanced security in the multi-user setting: Impossibility result and optimal tightness," in 27th International Conference on the Theory and Application of Cryptology and Information Security, Singapore, 2021, pp. 483-513
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ (ETDA), "เทคโนโลยีโครงสร้างพื้นฐานกุญแจสาธารณะ (Public Key Infrastructure: PKI)," [ออนไลน์]. Available: https://www.etda.or.th/th/Useful-Resource/Knowledge-Sharing/articles/Public-Key-Infrastructure.aspx (เข้าถึงเมื่อ: 13 พ.ย. 2567).
K. Kanyamee and C. Sathitwiriyawong, "High-availability decentralized multi-agent key recovery system," in 2009 Eighth IEEE/ACIS International Conference on Computer and Information Science, Shanghai, China, 2009, pp. 290–294.
National Institute of Standards and Technology (NIST), "Post-Quantum Cryptography Standardization," [Online]. Available: https://csrc.nist.gov/projects/post-quantum-cryptography. (Accessed: April. 20, 2025).
D. J. Bernstein, J. Buchmann and E. Dahmen, Post-Quantum Cryptography, Berlin, Germany: Springer, 2009.
Y.-C. Lee and C.-S. Laih, "On the key recovery of the key escrow system," in 13th Annual Computer Security Applications Conference, California, USA, 1997, pp. 216-220.
A. Kundu, N. Ghosh, I. Chokshi, and S. K. Ghosh, "Analysis of attack graph-based metrics for quantification of network security," in 2012 Annual IEEE India Conference (INDICON), India, 2012, pp. 530-535.
K. Kanyamee and C. Sathitwiriyawong, "A secure multiple-agent cryptographic key recovery system," in IEEE International Conference on Information Reuse & Integration (IRI), Las Vegas, NV, USA, 2009, pp. 91-96.
R. N’goran, A. P. B. Brou, K. G. Pandry, J.-L. Tetchueng, Y. Kermarrec, and O. Asseu, "Zero Trust security strategy for collaboration systems," in 2023 International Symposium on Networks, Computers and Communications (ISNCC), Doha, Qatar, 2023, pp. 1-6.
A. Ometov, S. Bezzateev, N. Mäkitalo, S. Andreev, T. Mikkonen, and Y. Koucheryavy, "Multi-Factor Authentication: A Survey," Cryptography, vol. 2, no. 1, pp. 1-31, January, 2018.
A. Aßmuth, R. Duncan, S. Liebl, and M. Söllner, "A secure and privacy-friendly logging scheme," in Twelfth International Conference on Cloud Computing, GRIDs, and Virtualization, Portugal, 2021, pp. 8-12.
A. A. Wighneswara, A. Sjahrunnisa, Y. Romadhona, and K. I. Maula, "Network Behavior Anomaly Detection using Decision Tree," in IEEE 12th International Conference on Communication Systems and Network Technologies (CSNT), India, 2023, pp.1-6.
M. J. Goswami, "AI-Based Anomaly Detection for Real-Time Cybersecurity," International Journal of Research and Review Techniques (IJRRT), vol. 3, no. 1, pp. 45-53, Mar. 2024.
T. H. Austin and F. Di Troia, "A Blockchain-Based Tamper-Resistant Logging Framework," in Silicon Valley Cybersecurity Conference, Virtual Event, 2022, pp. 90-104.
J. Shen, Y. Zhao, S. Huang, and Y. Ren, "Secure and flexible privacy-preserving federated learning based on multi-key fully homomorphic encryption," Electronics, vol. 13, no. 22, November, 2024.
European Parliament and Council of the European Union, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), Official Journal of the European Union, L 119, May 4, 2016. [Online]. Available: https://eur-lex.europa.eu/eli/reg/2016/679/oj. (Accessed: April, 13, 2025).
สำนักเลขาธิการคณะรัฐมนตรี, “พระราชบัญญัติคุ้มครองข้อมูลส่วนบุคคล พ.ศ. 2562,” [ออนไลน์]. Available: https://www.ratchakitcha.soc.go.th/DATA/PDF/2562/A/069/T_0052.PDF. (เข้าถึงเมื่อ:13 เมษายน 2567).
