The IT Law Wiki

Key escrow system

32,080pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

In a public key encryption system, there may be instances where someone other than the communicating parties needs access to encrypted data. A key escrow system permits individual access to encryption but requires users to store their private keys with the government or a trusted third party.

Overview Edit

Such a system could be maintained by a private organization or the government, and anyone seeking access to an encrypted transmission would have to demonstrate their need for the key through a process, such as obtaining a search warrant, that ensures the legitimate privacy and security needs of users of encrypted transmissions.

"Key escrows, however, have substantial vulnerabilities. For instance, the key escrow system depends on the integrity of the person, department or system charged with safeguarding the private keys, and the key database itself could be vulnerable to attack, undermining any user's communication security and privacy."[1]

References Edit

  1. Report of the Special Rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression, at 15.

See also Edit

Also on Fandom

Random Wiki