Key Recovery, User-Controlled - Computer Definition
A means of recovering cryptographic keys when the usual means for obtaining them is unavailable. User-controlled key recovery, in particular, means that the owner of the information being protected can choose to enable the key without otherwise altering the cryptographic protection strength available to him or her. As Gladman suggests, it is important to recognize that ownership of key recovery is retained by the information owner. Ownership of key recovery is not retained by the government or the end user.
Key recovery, particularly that which is user controlled, is a controversial topic, with arguments from the government’s side and those from the companies’ side explained in a 2004 article by Brian Gladman.
In a business scenario, the business-owned information is at risk. Therefore it is crucial that key recovery decisions are made by the business and not by consumers. In contrast, in the utilization of cryptography by private citizens, the interests of the user and the information owner coincide; thus, the end user should have control of key recovery actions.
Gladman, B. Key recovery—meeting the needs of users or key escrow in disguise? [Online, 2004.] B. Gladman Website: http://www.fipr.org/publications/key-recovery .html.