Key escrow (also known as a fair crypto system or key management) is:
|“||[a] deposit of the private key of a subscriber and other pertinent information pursuant to an escrow agreement or similar contract binding upon the subscriber, the terms of which require one or more agents to hold the subscriber's private key for the benefit of the subscriber, an employer, or other party, upon provisions set forth in the agreement.||”|
|“||[t]he processes of managing (e.g., generating, storing, transferring, auditing) the two components of a cryptographic key by two key component holders.||”|
|“||an arrangement in which the keys needed to decrypt encrypted data are held in escrow so that, under certain circumstances, an authorized third-party may gain access to those keys.||”|
|“||an arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party, so that someone else can obtain them to decrypt messages. The keys are securely protected by the third party who is prohibited from accessing the keys unless requested by the Data Owner. Implementing a key escrow agreement addresses the recovery of the keys in case of loss."||”|
- ↑ NIST Special Publication 800-32.
- ↑ NIST FIPS 185.
- ↑ Creating Effective Cloud Computing Contracts for the Federal Government, Best Practices for Acquiring IT as a Service, at 15.
- ↑ Information Technology Data Protection Guideline, at 20.