Enhancing Security in Secret Key Management for Multi-Agent Key Recovery Utilizing a Centralized Key Recovery Center
Keywords:
security, secret key, key recovery, agent, key recovery centerAbstract
Key Recovery System is an important technology in the era of digital communication. Cryptography is used to increase data security and maintain user privacy. This research is a developmental research. The objective is to develop a new secure Secret Key--Ks management model for Multi-Agent Key Recovery--M-KRA that uses Key Recovery Center--KRC that works with Key recovery Agent--KRA. This method is called E-SHAM-KRS. The goal of this research is to present a model for the Ks management process to ensure confidentiality between the recipient and the sender or the agency that has legal access to the information. As a result, Ks recovery is secure, reliable, and provides users with privacy and supports key recovery even when KRA in the recovery group fails. It works on a public key infrastructure. The evaluation of the efficiency of the Ks management process of E-SHAM-KRS, which was compared with the previous system, shows that (1) E-SHAM-KRS can maintain the secret of Ks, resulting in the Ks having highly safe and there is no chance of the Ks being leaked to third parties. (2) Key Recover Filed--KRF has slightly increased in size but is significantly more secure and private. And (3) E-SHAM--KRS
requires a slightly increased amount of time to generate KRF to support a more secure and stable Ks management function. Moreover, E-SHAM-KRS has successfully addressed vulnerabilities related to the leakage of Ks, resulting in a more reliable key recovery process.
References
Chang, W., & Tsay, R. (2023). A secure and reliable private key recovery method. Proceedings of International Conference on Consumer Electronics (pp. 535-536). Taiwan: Pingtung.
D’Arco, P. (2001). On the distribution of a key distribution center. Proceedings of Theoretical Computer Science (pp. 357–369). Italy: Torino.
Denning, D., & Branstad, D. (1997). A taxonomy for key recovery encryption systems. Communications of the ACM, 39(3), 34–40. https://doi.org/10.1145/227234.227239
Huadpaknam, P., Pirak, C., & Mathar, R. (2014). A novel security key recovery framework for smart grid applications. Proceedings of Asia-Pacific Conference on Communication (pp. 387-390). Pattaya: IEEE (in Thai)
Hughes, L.E. (2022). Basic cryptography: Symmetric Key Encryption. In L. E. Hughes (Ed.) Pro Active Directory certificate sServices (pp. 3-17). Berkeley, CA: Apress.
Kanyamee, K., & Sathitwiriyawong, C. (2010). A simple high-availability multiple-agent key recovery system. Proceedings of International Conference for Internet Technology and Secured Transactions (pp.734-739). London: IEEE
Kanyamee, K., & Sathitwiriyawong, C. (2010). High-availability decentralized multi-agent key recovery system. Proceedings of International Conference on Computer and Information Science (pp. 290-294). Shanghai: IEEE
Kanyamee, K., & Sathitwiriyawong, C. (2014). High-availability decentralized cryptographic multi-agent key recovery. International Arab Journal of Information Technology (IAJIT), 11(1), 52-55. https://www.iajit.org/portal/PDF/vol.11,no.1/4749.pdf
Kim, T., Kim, W., Seo, D., & Lee, I. Y. (2021). A secure encapsulation schemes based on Key Recovery System. In Y. Park, D. Jadav and T. Austin (Eds.), Proceedings of Silicon Valley Cybersecurity Conference (pp. 25-37). Cham: Springer International Publishing.
Kim, T., Kim, W., Seo, D., & Lee, I. Y. (2021). Secure encapsulation schemes using key recovery system in IoMT environments. Sensors Journal, 21(10), 1-23. https://doi.org/10.3390/s21103474
Kuacharoen, P. (2014). Generating data recovery keys using Chinese Remainder Theorem. Journal of Computational and Theoretical Nanoscience, 20(10), 2157-2161. https://doi.org/10.1166/asl.2014.5650
Lee, Y. C., & Laih, C. S. (1997). On the key recovery of the key escrow system. Proceedings of 13th Annual Computer Security Applications Conference (pp. 216–20). San Diego: IEEE.
Lim, S., Hani, H., Kim, M., & Kim, T. (2001). In design of key recovery system using multiple agent technology for electronic commerce. Proceedings of the Industrial Electronics (pp. 1351-1356). Korea South: IEEE.
Lim, S., Kang, S., & Sohn, J. (2003). Modeling of multiple agent based cryptographic key recovery protocol. Proceedings of 19th Annual Computer Security Applications Conference (pp. 19–28). USA: IEEE
Shamir, A. (1979). How to share a secret. Info & Claims Communications of the ACM, 22(11), 612-623. http://dx.doi.org/10.1145/359168.359176
Slagell, A., Bonilla, R., & Yurcik, W. (2006). A survey of PKI components and scalability issues. Proceedings of the 25th IEEE International Performance Computing and Communications Conference, IPCCC 2006, April 10-12, 2006 (p. 10). Arizona: IEEE
Smart, N. (2016). Cryptography made simple (Information Security and Cryptography). Berlin: Springer.
