A means of recovering cryptographic keys when the usual means
for obtaining them is unavailable. User-controlled key recovery, in particular,
means that the owner of the information being protected can choose to enable
the key without otherwise altering the cryptographic protection strength
available to him or her. As Gladman suggests, it is important to recognize that
ownership of key recovery is retained by the information owner. Ownership of
key recovery is not retained by the government or the end user.
Key recovery,
particularly that which is user controlled, is a controversial topic, with
arguments from the governmentÂ’s side and those from the companiesÂ’ side
explained in a 2004 article by Brian Gladman.
In a business scenario, the business-owned information is at
risk. Therefore it is crucial that key recovery decisions are made by the
business and not by consumers. In contrast, in the utilization of cryptography
by private citizens, the interests of the user
and the information owner coincide; thus, the end user should have
control of key recovery actions.
See Also:
Cryptography or “Crypto”; Key.
Gladman, B. Key recovery—meeting the needs of users or key escrow in disguise?
[Online, 2004.] B. Gladman Website: http://www.fipr.org/publications/key-recovery
.html.