In: Journal of Systems and Software 58 (2), pages 93-106. September 2001.
Abstract: When a receiver of a ciphertext message cannot decrypt the message due to the fact that he has lost his private-key, the private-key of the receiver and session-key of the message need to be recovered. In this paper, we design a new n-way Key Recovery System (n-KRS) that is characterized by key encapsulation approach, n-way key recovery, secret designation of key recovery agents, fork and join of session-key with random keys, recovery request by a new key pair, certificate attaching scheme, component-based software engineering, and conformance to international standards. n-KRS is specified and analyzed by Extended Cryptographic Timed Petri Net (ECTPN) model that is a new formal and graphical specification model for cryptographic protocols. Recoverability, performance characteristics of n-KRS are evaluated by means of reachability graph of ECTPN. A prototype of n-KRS is developed and evaluated by means of CC 2.0 based information security system evaluation scheme.
Keywords: Key recovery system; Key encapsulation; Cryptography; Security; Petrinet modeling.