A system that can recover the keys but requires a sophisticated management system, otherwise the security of all encrypted data may be collapsed if a compromise exists.
Key recovery is a process used to recover encrypted information that does not involve the storing of the key or any part of the key with a third party. Many organizations find key recovery a preferable process to key escrows. The US government recently relaxed controls on the export of strong encryption based upon the development of key recovery technology by the computer industry.
Mechanism for determining the key used to encrypt some data, possibly through the use of an escrowed key.
The procedure by which the owner of a private key can retrieve that key when it has been lost. May be facilitated by a key recovery agent
The process of recovering a private decryption key from a secure archive for the purposes of recovering data that has been encrypted with the corresponding encryption key.
The ability of an individual, organisation or their authorised agents to obtain an extra copy of a key (or other information necessary for decryption) that enables them to decrypt the ciphertext.
a broad range of techniques permitting the recovery of plaintext from encrypted data when the decryption key is not in the posession of the decrypting party (e.g. the key is lost; the password encrypting the key has been forgotten; court-authorized agents who otherwise would not have access to the cryptographic key). This could include: (1) retrieving an entity's long-term encryption key, which had been stored in a secondary location (sometimes called "commercial key back-up" or "key escrow" depending on who controls the backed-up keys); (2) key encapsulation; or (3) key derivation techniques which allow for the confidential key to be regenerated from either end of the communication by the trusted third parties who provided the original mathematical elements used in generating the key.
A mechanism for retrieving cryptographic keys with the ultimate intent of decrypting ciphertext with them.
A special feature of a key management scheme that allows messages to be decrypted even if the original key is lost.