RIKE: Using Revocable Identities to Support Key Escrow in PKIs

摘要

Public key infrastructures (PKIs) are proposed to provide various security services. Some security services such as confidentiality, require key escrow in certain scenarios; while some others such as non-repudiation, prohibit key escrow. Moreover, these two conflicting requirements can coexist for one user. The common solution in which each user has two certificates and an escrow authority backups all escrowed private keys for users, faces the problems of efficiency and scalability. In this paper, a novel key management infrastructure called RIKE is proposed to integrate the inherent key escrow of identity-based encryption (IBE) into PKIs. In RIKE, a user's PKI certificate also serves as a revocable identity to derive the user's IBE public key, and the revocation of its IBE key pair is achieved by the certificate revocation of PKIs. Therefore, the certificate binds the user with two key pairs, one of which is escrowed and the other is not. RIKE is an effective certificate-based solution and highly compatible with traditional PKIs.