An arrangement in which data decryption keys are placed in escrow with a third party, so that encrypted communications can be decrypted and read by an authorized outsider under controlled circumstances.
A cryptographic key entrusted to a third party, meaning that the key is kept “in escrow.” Normally a key would not be released to anyone but the sender or receiver without proper authorization. The purpose of key escrow is to serve as a backup if the parties with access to the cryptographic key lose the data, such as through some natural disaster or a crack attack.

Picture this realistic scenario. Company A supplies software that Company B sells embedded in its hardware. Company B, worried that Company A may go out of business, requests that Company A place the source code for the software in escrow. Then, if Company A does go out of business, Company B is still able to sell products.

The public became aware of the controversial side of key escrow at the time of the U.S. Clipper Proposal in the early 1990s. The Clipper Proposal suggested that, to prevent abuse, there should be two separate escrow agents, each holding half of the key. The controversy began when the U.S. government suggested in a set of proposals that cryptography should be used more broadly without hampering the ability of intelligence officers and law enforcement agents to read encrypted traffic. The idea was that key escrow would allow U.S. agents, subject to certain legal controls, to access copies of the cryptographic keys protecting information exchanges. Although these proposals were publicly stated as being voluntary in nature, they produced much protest from citizens' groups, who saw key escrow not only as the first step toward placing domestic controls on cryptography but also as a step that would undermine the constitutional freedoms given to U.S. citizens—particularly privacy and freedom from unwarranted government intrusion into citizens’ private lives.

Those on the other side of the debate maintained that widespread use of strong cryptographic information protection had certain risks associated with it, such as key loss. For this reason, and particularly in times of emergency, end users needed some way of recovering the key. The stated objective of key escrow was to find a compromise so that all parties making concessions would get something in return. After much effort by those who stood more toward the center, a consensus was eventually reached on the concept of key recovery.

Gladman, B. Key recovery—meeting the needs of users or key escrow in disguise? [Online, 2004.] B. Gladman Website: http://www.fipr.org/publications/key-recovery.html; Graham, R. Hacking Lexicon. [Online, 2001.] Robert Graham Website: http://www.linuxsecurity.com/resource_files/documentation/hacking-dict.html.
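
The two-agent arrangement attributed to the Clipper Proposal above can be sketched as follows; this is an added example, not part of the original entry. It assumes XOR secret splitting as the mechanism (the entry does not say how the key is divided), and all function names and the sample key are constructed for illustration. The contrast with literal halving shows why the method of division matters for preventing abuse by a single agent.

```python
import secrets

def split_key(key: bytes) -> tuple[bytes, bytes]:
    """Split `key` into two XOR shares, one per escrow agent (assumed scheme)."""
    share_a = secrets.token_bytes(len(key))  # uniformly random, independent of key
    share_b = bytes(k ^ a for k, a in zip(key, share_a))
    return share_a, share_b

def recover_key(share_a: bytes, share_b: bytes) -> bytes:
    """Recombine both shares; reject shares of mismatched length."""
    if len(share_a) != len(share_b):
        raise ValueError("shares must have equal length")
    return bytes(a ^ b for a, b in zip(share_a, share_b))

def share_explaining(share_a: bytes, candidate_key: bytes) -> bytes:
    """The share_b that would make `candidate_key` the escrowed key.
    One exists for every candidate, so share_a alone excludes no key."""
    return recover_key(share_a, candidate_key)

def naive_halves(key: bytes) -> tuple[bytes, bytes]:
    """Literal halving, for contrast: each agent sees half the key bytes."""
    mid = len(key) // 2
    return key[:mid], key[mid:]

def unknown_bits_for_one_agent(key_len: int, scheme: str) -> int:
    """Key bits a single agent must still guess (worst case for 'halves')."""
    if scheme == "xor":
        return 8 * key_len
    if scheme == "halves":
        return 8 * (key_len - key_len // 2)
    raise ValueError(f"unknown scheme: {scheme}")

if __name__ == "__main__":
    key = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample key
    a, b = split_key(key)
    print("recovered with both shares:", recover_key(a, b) == key)
    decoy = bytes(16)  # a different, all-zero candidate key
    print("share A also fits the decoy:", recover_key(a, share_explaining(a, decoy)) == decoy)
    for scheme in ("xor", "halves"):
        print(scheme, "-> bits unknown to one agent:", unknown_bits_for_one_agent(16, scheme))
```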