MULTI-LEVEL KEY DISTRIBUTION
ALGORITHM FOR SECRET KEY
RECOVERY SYSTEM
TANAPAT MAHAVEERAWAT
Faculty of Science and Technology, Assumption University, Bangkok, Thailand.
Abstract:
Most of Multi Agent Key Recovery Systems are proposed from the assumption that Key Recovery Agents in the system have same availability of security service levelagreement and trust. Which mean, secret key will be shared to each Key Recovery Agent in equal secret’s portion. Practically, each Key Recovery Agent may have their own limitation in terms of securityservice level agreement according to economic cost, complexity and risks. This paper proposedMulti Level Key Distribution Algorithm,which the secret key can be managed into portionsharing and assignto each Key Recovery Agent (KRA) according to user’s trust. Withproposed algorithm, the experimental result had shown the advantage in secret sharing size and the system had improved initssecurity from the advantage of multilevel secret key distribution capability.
Keywords: Key Recovery; Key Recovery Agent; Secret Sharing.
1. Introduction
In this decade, the information sharing over the Internet application is dramatically increased along with higher demand of secureinformation transection over the Internet. Cryptography technology has been used to secure the information privacy. Typically the information sharing over the Internet are encrypted and decrypted by either Symmetric Key Algorithms or Asymmetric Key Algorithms [6].
In symmetric key encryption, sender and receiver are required to have same secret key to encrypt and decrypt the information. For Asymmetric key encryption users are required to use private secret key and public key to decrypt and encrypt the information. Sender will decrypt information with receiver’s public key and receiver require to use their private secret key to decrypt for the information. Both Symmetric and Asymmetric key encryption require receiver’s private secret key to decrypt for the information. If and only if private secret key is missing or damage then receiver may not be possible to decrypt for the information. By this reason, key recovery is needed to minimize risk of loss or damage of secret key mainly to retain an access to the original information as well as to support government law enforcement agent to access for some necessary data.
Key recovery technique can be classified to many kinds [9] in order to minimize problem from lost of or missing of the secret key. Initially single agent key recovery technique was introduced as key escrow [7] to reduce risk of loss or damage of the secret by user as well as support law enforcement for the investigation. However with the increment of Internet usage, made single agent key recover technique having higher risk to be attached for an importance secret key due to more chances of brute force or higher possibility for collusion as the Key Recovery Agents (KRA). Therefore model of multi-agent based cryptography key recovery protocol was introduced, starting with formal modeling representative [21] then followed by study of secure multi-agent cryptographic key recovery system [16]. But the system still has some limitations from unique particular group number distributed to each share. Resulting in lower system availability, due to no capability for Key Recovery Agents to perform as mirror backup [17]. Furthermore with the demand of longer digit of the secret key, lead the system to havelarger secret sharing size and lower speed of system performance. Finally as the result of economic cost and risks make key recovery systems are inherently less secure [1]. Hence to rely on equal share of secret key to every Key Recovery Agent or single level key distribution may be considered as too risky.
2. Proposed Multi-Level Key Distribution Algorithms for Secret Key Recovery System
In this paper, Multi-level Key Distribution algorithms for Secret Key Recovery will be introduced to improve the key recovery performance with non-divided secret sharing. Some of matrix operation might need to divide the secret in to n row and k column [22] which size of n,k matrix needs to consider [5,18,22,29,30]. Sometimes length of secret key after divided may not fit to designed matrix operation, n and k threshold and may lead to have additional calculation process to fit divided secret key to unmatched matrix’s size. With some studies of non-divided of secret key in [16,20,21] are allow more simple calculation for any demand of n and k threshold. Unfortunately it would sacrifice with shared size, as will as higher risks due to some addition parts of secrets key are added. With the advantage of sharing size from Shamir’s Secret sharing, that every share doesn’t exceed the size of the secret and if the threshold ’k’ is fixed then some existing secret can be remove or some new secret can be generated without affecting the other secret [25]. Also the secret sharing scheme is consider “perfect” as if any subset in the access structure can recover the secret while any unauthorized subset cannot gain any information about the secret [7].
With new development of processor allow user to get faster calculation of polynomial and Lagrange interpolation. Therefore Shamir’s secret sharing is selected as the secret sharing technique for this proposal.
2.1. Process for single-level key distribution secret sharing and its key recovery
Prior to start sharing secret key in the single level distribution the 100% of secret key will be divided into “n” pieces according to the number of available Key Recovery Agent and desired number of minimum shared secret to reconstruct for 100% of the secret key as k number. Become n,k threshold. At this state 100% of secret key will be divided to n pieces by Shamir’s threshold Secret sharing scheme. To calculates for the share secret key from the curve polynomial degree k-1, share of the secret key can defined as follow
f(x) = SSK+a1x+a2x2+…+an-1xk-1 (mod p) (1)
(xi,yi), i = 1,2, …, n; yi = f(xi) (mod p) (2) S1 = f(1)
S2 = f(2) Si = f(n)
p = large prime number SSK: secret key
k = minimum number of secret key required to reconstruct for the secret key a1,…,an-1: randomly chosen from 0 to p-1
Key Recovery Agent # 1 Key Recovery Agent # 2 Key Recovery Agent # 3 Key Recovery Agent # n
Part of 100% Secret Part of 100% Secret Part of 100% Secret Part of 100% Secret
Figure 1.0: Single-level key distribution secret sharing process 100% of Secret Key
Shamir’s Secret Sharing Scheme Evaluate for “n” and “k”
number required
Figure 2.0 Single-level key distribution secret reconstruction process.
To recover for the secret key user can request portions of the secret key from any available number of the Key Recovery Agent which number of secret portions must equal to defined “k” value. Then calculate for the secret key by Lagrange interpolation operation
From
∑ (3)
Whereas
∏ … … (4)
0 . (5)
1 . (6)
2 . (7)
2.2.Process for multi-level key distribution secret sharing and key recovery
In single-level Key Distribution secret sharing the secret sharing is done on assumption that each agent has same availability of security level or level of service and trust. Practically the levels of trust to each agent may not have same availability of service and security level due to there are some impact of risks [1] that can affect to system’s performance. By this reason, multi level trust system and secret key sharing is developed. Multi-level Secret Key sharing propose the divide of secret into half share of the secret as well as further division of the share whereby each Key Recovery Agent could be able to manage to keep unequally share of secret based on their service availability and user’s trust,first half share of the secret will be proposed as follow.
2.2.1. Half shares of the secret
Suppose the secret S is a string which contains 2n bits (n = 0, 1, 2, 3, …) where each bit is either 0 or 1. Then a secret of length k (= 2n bits) is represented as
S = dk-1 dk-2 dk-3 … d3 d2 d1 d0, where dj = 0 or 1 for j = 0, 1, 2, …, k – 1. (8)
If the secret S is taken to represent a binary number then the secret can also represent by the decimal equivalent V of the binary number where,
V = d020 + d121 + d222 + … + dk-22k-2 + dk-12k-1 = . (9)
A string S1 may be formed from the string S in (8) by using only bits in odd numbered positions from the left (i.e. dk-1, dk-3, dk-5, …, d5, d3, d1) and masking those in the even numbered positions from the left with the masking element 0 (i.e. dk-2, dk-4, dk-6, …, d4, d2, d0) and this represents about half, or 50%, share of the secret string S. In a similar manner a string S2 may be formed from the secret string S in (8) by using only bits in even numbered positions from the left (i.e. dk-2, dk-4, dk-6, …, d4, d2, d0 ) and masking those in the odd numbered positions from the left (i.e. dk-1, dk-3, dk-5, …, d5, d3, d1) with the masking element 0 and this string also represents about 50% share of the secret string S. Also, this share S2 may be obtained by treating the strings as binary numbers and calculating S2 = S – S1.
d
jk
j j
1
0
2
Key Recovery Agent #1, (Part of 100% Secret)
Key Recovery Agent #2, (Part of 100% Secret)
Key Recovery Agent #n (Part of 100% Secret) Key Recovery Agent #3, (Part of 100% Secret) User request for Key Recovery
and calculate for the secret key
Request for Key component
Consequently, two half (50%) shares of the secret string S may be formed where, S1 = dk-10 dk-30 … d30 d10 and S2 = 0 dk-20 dk-40 … 0 d20 d0. (10)
If the spacing element 0 is treated as the binary digit 0 then S1 and S2 have equivalent decimal values V1 and V2 given by,
V1 = d121 + d323 + … + dk-32k-3 + dk-12k-1 =
V2 = d020 + d222 + … + dk-42k-4 + dk-22k-2 = . (11)
It is seen that:
(a) If S1, S2, and S are taken to represent binary numbers then it is obvious from (10) that S = S1 + S2 and for their decimal equivalents V = V1 + V2.
(b) In the particular case where dj = 1 for j = 0, 1, 2, …, k – 1 then:
(i) From (8), S = 1111111…111 with k bits and V = 1 + 2 + 4 + …+ 2k-1 = 2k – 1.
(ii) From (10), S1 = 10101 …010 with k bits and from (11), V1 = 2 + 8 + 32 + … + 2k-1 = 2(2k -1)/3.
(iii) From (10), S2 = 01010…101 with k bits and from (11), V2 = 1 + 4 + 16 + … + 2k-2 = (2k -1)/3.
(iv) If k = 8 then V= 28 -1 = 255, V1 = 2(28 -1)/3 = 170, and V2 = (28 -1)/3 = 85.
2.2.2 Further division of the shares
This process of dividing the secret string S may be continued to form more strings which represent different proportions of the secret string S.
If we start with S1 = dk-10 dk-30 dk-5 … d30 d10 from (10) and select dk-1, dk-3, dk-5, … ,d3, d1 (i.e. starting with the bit dk-1 in position 1 select the bit in every second odd numbered position) and as before mask all the other bits with 0 then we have the share,
S11 = dk-10 0 0 dk-50 0 0 dk-90 0 0 … 0 0 0 d70 0 0 d3 0 0 0 with k bits,
which may be described as a one quarter, or 25%, share of the secret string S.
Similarly, a second string S12, which also represents a one quarter (25%) share of the secret string S, may be constructed using S12 = S1 - S11 when the strings are considered as binary numbers with the spacing element 0
treated as 0and so,
S12 = 00 dk-3000 dk-7000 dk-1100 0…000 d5 000 d10 = S1 – S11 with k bits.
A further two one quarter (25%) shares of the secret string S may be constructed in a similar manner to the construction of S11 and S12. Starting with S2 = 0 dk-20 dk-40 dk-6 0 … 0 d6 0 d4 0 d20 d0 the first position on the left is the spacing element 0 so this is held and we move to the right holding any other spacing elements until we reach the first non-spacing element (dk-2) which is treated as being in the odd numbered position 1. This bit is held and then as before we select the bit in every second odd numbered position and mask all the other bits with
0. This quarter share is labeled S21 and as before the second quarter share S22 is obtained from the result that as binary numbers S22 = S2 - S21. Thus,
S21 = 0 dk-2000 dk-6000 dk-10 00 0… 0 00 d6000 d200
And
S22 = 000 dk-4 000 dk-8 000 dk-120 00 … 000 d4 000 d0.
The decimal equivalents of the binary numbers S11, S12, S21 and S22 are given by: V11, V12, V21, and V22, respectively, where,
V11 = 23d3 + 27d7 + 211d11 + …+ 2k-9dk-9 + 2k-5dk-5 + 2k-1dk-1 =
d
j kj j
1 2 2
2
0 1 2
2
d
jk
j j
2 2
2
0 2
2
d
j kj j
3 4 4
4
0 3 4
2
V12 = 21d
V21 = 22d
V22 = 20d
Also, the
In Figure (a) At ea shares th with 1 (e S112) indi (b) The s the share of S1 lab share wa positions binary nu (c) It is s
The same
V = (V11 = (V11 = V11+ (V = (V111 + = V1
Basically and mini will be c
d1 + 25d5 + 29d
d2 + 26d6 + 210
d0 + 24d4 + 28d
e shares may b
e 3.0: ch stage a stri hat it is divide e.g. S21 and S12
icates an “eve subscript on ea e. For example eled S11 whic as formed by u
s occupied by umbers and su een that if the
S = (
= (
= S = ( = S
e relationships
1 + V112) + (V + V12 V121 + V122) + + V112) + V12 +
+
y to begin with imumreconstru considered bef
d9 + …+ 2k-11d
0
d10 + … + 2
k-d8 + … + 2k-12
be represented
Fi
ing that is div d into may be 21) then this in n” child. ach share iden e, S112 started ch was further
using the bits y spacing elem ubtracting this e shares are tre
(S111 + S112) + (S11 + S11 + (S121 + S (S111 + S112) + S1
s hold for the
V121 + V122) + ( 2) + ( + V21 + (V221 + + (V211 + V212) V
h Multi-level ucting share a fore perform s
dk-11 + 2k-7dk-7
-10
dk-10 + 2k-6dk
2
dk-12 + 2k-8dk-8
d as a tree stru
gure 3.0 the tree
vided to form t e described as ndicates that i
ntifies the prev with S1 (an “ r divided to pr in odd numbe ments and 2 i s share from th eated as binary
+ (S121 + S122) S12) + S122) + S21 + (S + S12 + (S211 +
+
decimal equiv
(V211 + V212) + (V21 + + V222)
) + V22 V2.
Key Distribu are required.A secret strappin
+ 2k-3dk-3 =
k-6 + 2k-2dk-2 =
8 + 2k-4dk-4 =
cture with the
structure associat
two shares ma s its “odd” an
t is an “odd” c
vious shares a “odd” child of roduce the “e ered positions indicates that he parent.
y numbers the
+ (S211 + S212) (S21 + S221 + S222)
S212) + S22 S2.
valents of the
+ (V221 + V222 V22)
ution,theorigin After that shar ngin order to
k j 4
k j = .e first part of t
ted with shares of
ay be referred
nd “even” chi
child and a su
and the way in f S) which wa ven child” S1 s from the left t the share wa
en,
) + (S221 + S22 S22)
binary numbe
2)
nal secret key ring level req
get portion o
d
j j 1 4 4 4 0 1 42
d
j k j j 4 4 4 0 2 42
d
j k j j 4 4 4 0 42
he tree as sho
f S.
d to as the par ildren. If a su ubscript that en
n which they w as divided to p 12. The subscr t in the parent as formed by
22)
ers associated
will beevalua quired for each
of secret key i
j2
own in Figure
ent share whi ubscript on a s nds with 2 (e.
were divided t produce an “o ript 1 indicate t share not cou y treating the
with the shar
atedfor numbe h Key Recove in percentage.
3.0
le the two share ends g. S22 and
o produce odd” child es that the unting the shares as
res and,
portion of the secret key will be handled by Sharmir’s Secret Sharing scheme then share secret is ready todistribute to each Key Recovery Agent.
Key Recovery Agent # 1 Key Recovery Agent # 2 Key Recovery Agent # 3 Key Recovery Agent # n Part of 100% Secret Part of 100% Secret Part of 100% Secret Part of 100% Secret Part of 75% Secret Part of 75% Secret Part of 75% Secret Part of 75% Secret Part of 50% Secret Part of 50% Secret Part of 50% Secret Part of 50% Secret Part of 25% Secret Part of 25% Secret Part of 25% Secret Part of 25% Secret
Figure 4.0 Multi-level key distribution secret sharing process
As seen in figure 4.0, after Shamir’s Secret Sharing scheme the secret key can manage to allocate to each Key Recovery Agent in many level of percentage portion sharing. Thus the system can manage to have equal shared of secret percentage portion or difference of shared percentage portion for each Key Recovery Agent in the system.
In figure 5.0:
It shows process diagram on how user can request for the data recovery. In Multi-Level Key distribution, user are required to request to selected Key Recovery Agent where the secret keys were kept in percentage portion. Once user got all secret’s components then original secret key can be reconstructed by user’s calculation.
Figure 5.0 Multi-level key distribution secret reconstruction process 100% of Secret Key
Shamir’s Secret Sharing Scheme
Evaluate for “n” available and “k” number required
Allocate shared secret key to each Key Recovery Equally Evaluate sharing level required
for each Key Recovery Agent
Secret key strapping
Key Recovery Agent #1, (Part of 100%/75%/50%/25% Secret)
Key Recovery Agent #2, (Part of 100%/75%/50%/25% Secret)
Key Recovery Agent #n (Part of 100%/75%/50%/25% Secret) Key Recovery Agent #3, (Part of 100%/75%/50%/25% Secret)
User request to Selected Key Recovery Agent and calculate for
the secret key by Lagrange interpolation and OR operation
Request for Key component
Our com 1600MH reconstru and figur
mparative testin Hz DDR3 wi
uction techniq re 7.0.
Figure
ng result are ith SSD mem que with the p
e 6.0 Secret shari
3. Comp
done with OS mory type. previous techn
ng size & secret s
parative Eval
S X V. 10.9.5 Comparison nique in [16,2
sharing construct
luation
5 processer 1. of new sin 20,21] from m
tion time for sing
8GHz Intel C gle-level key many aspects
le-level key distr
Core i5, memo y distribution
as shown in
ribution
ory 4GHz n and its
From figu (a) (b) (c) (d) (e) (f) From figu (a) (b) (c)
It is clea smaller th were sha 0 0 0 0 0 0 0 0 Ti me (s) (c) 0.0 0 0.1 0 0.2 0 Ti me (s) (a)
ure 6.0, comp In Single Lev over the varia In Single Le construction t In Single Lev over the varia 2 to k = 10. In Single Lev over the varia 2 to k = 10. In Single Lev over the varia In Single Lev over the varia
ure 7.0, comp In Single L reconstructing In Single Lev over the varia 2 to k = 10. In Single Lev over the varia ar that with p hen traditiona ared to any K
0 .01 .02 .03 .04 .05 .06 .07 .08 0 05 0.1 15 0.2 25 0.3 8 bi ts 32 b it s Secret paring propose vel Key Distri ation of origin evel Key Dist time over the vel Key Distri ation of minim
vel Key Distri ation of minim
vel Key Distri ation in numbe vel Key Distri ation in numbe
Figure 7.0
paring propose evel Key Re gtime over the vel Key Reco ation of minim
vel Key Reco ation in numbe proposed algo al technique a Key Recovery 128 b it s 512 b it s
Reconstructing T
ed technique w ibution, the pr nal secret key f tribution, the variation of o ibution, the pr mum number o
ibution, the pr mum number o
ibution, the pr er of shared (n ibution, the pr er of shared (n
0 Secret reconstru
ed technique w econstructing, e variation of onstructing, th mum number o
onstructing, th er of shared (n orithm to sing at all variation
Agents. Rega
Secr Time
Old Reconstr Techniqu New Shar Techniqu
with old secret roposed techn from 8 bits to proposed tec original secret roposed techn of shared to re
roposed techn of shared to re
roposed techn n) from n = 3 roposed techn n) from n = 3
uction times for s
with old secret , the propos
original secre he proposed of shared to re
he proposed n) from n = 3 gle-level key n of secret key arding to the
Ti
me
(s)
(b)
et Reconstructin
ructing ue
ring ue
t sharing techn nique has sma
1024 bits. chnique has s
key from 32 b nique has sma
econstruct for
nique has sma econstruct for
nique has sma to n =12. nique has sma
to n =12.
single-level key d
t reconstructin ed technique et key length f technique has econstruct for
technique has to n =12.
distribution y’s bit length
construction t 0 0.05 0.1 0.15 0.2 0.25 Ti me (s)
Secret Recon
)
ng Time
nique, it is see aller and cons
smaller and c bits to 1024 bi aller and cons r the original s
aller secret sha r the original s
aller and cons
aller secret sha
distribution
ng technique, e has smaller from 256 bits t s smaller secr r the original s
s smaller secr
system, all sh due to there i time, the exp
nstructing Time
en that: stant secret sh
constant secre its.
stant secret sh secret key (k),
aring construc secret key (k),
stant secret sh
aring construc
it is seen that r and consta to 1024 bits. ret reconstruc secret key (k),
ret reconstruc
hared secret is no part of s eriment resul
O Te N Te
Old Sharing T New Sharing
haring size
et sharing
haring size , from k =
ction time , from k =
haring size
ction time
:
ant secret
cting time , from k =
time constant and lower time consuming at every bit rang variation as well as at the condition of higher number of k,n threshold. While the traditional technique tend to consume more time over larger bit length of the secret key. For secret key reconstruction time, proposed algorithm consume more time to calculate for the secret key over the threshold of k,n condition. But with the variation of the secret key’s bit length over 256 bit, the traditional technique consumes much higher time consuming than propose algorithm.
In table 1.0 and 2.0 demonstrate the allocation of shared secret key to each Key recovery Agent asMulti-level Key Distribution.In table 1.0 Key Recovery Agent (KRA) manage to contain part of 50% and 100% (50%+50%) and table 2.0 Key Recovery Agents manage to contain part of 25%, 50%, 75%(50%+25%) and 100% (50%+50%) of secret key. Which k,n threshold and number of available Key Recovery Agent are considered in sharing distribution and system availability.
Table 1.0 part of 50% and 100% secret distribution
KRA1 KRA2 KRA3 KRA4 KRA5 KRA6 S1 S1 S1 S1 S2 S2
S2 S2
Table 2.0 part of 25% 50% and 75% secret distribution
KRA1 KRA2 KRA3 KRA4 KRA5 KRA6 KRA7 KRA8
S1 S1 S1 S1 S21 S21 S21 S21
S22 S22 S22 S22
The comparative evaluation result of traditional technique and new proposed technique for Single Level key distribution and Multi-Level key distribution according to share allocation in table 1.0 and 2.0 are shown in table 3.0.
Table 3.0-performance evaluation for each distribution technique. No. Characteristics Distribution technique (n,k = 4,2 , ssk = 256 bits)
Traditional
Single level key
distribution
Multi level key distribution (50% & 100%)
Multi level key distribution (25%, 50% & 75%)
(a) Secret Shared size/KRA 1752
Bytes 112 Bytes 112 Bytes 112 Byte
(b) Secret sharing construction
time 0.083239s 0.076208s 0.652790s 0.991652s
(c) Secret Reconstruction Time 0.082128s 0.079353s 0.112602s 0.169273s
(d) Share by level of service
and trust No No Yes (50%, 100%)
Yes (25%,50% & 100%)
(e) High Secrecy of Secret Key Medium High Higher Highest
(f)
Secret key can be recovered despite having some failure of KRA
Yes Yes Yes Yes
(g) System availability Low High Medium Medium
From Table 3.0 it is seen that:
(a) Shared secret size from proposed secret sharing technique has smaller size than the traditional technique in both Single level and Multi- Level key distribution.
(b) In single level distribution, secret sharing construction time of proposed technique has smaller time consumption but as per expected, secret sharing construction time of Multi-level key distribution has bigger time consumption than Single level key distribution.
(c) In single level distribution, secret reconstruction time of proposed technique has smaller time consumption but as per expected, secret reconstruction time of Multi-level key distribution has bigger time consumption than Single level key distribution.
(f) All techniques still have capability to recover for the original secret key despite having some Key Recovery Agent failure.
(g) Proposed secret sharing technique in Single level key distribution give highest system availability.
4. Conclusion
This paper proposed an alternative secret sharing technique to Multi Agent Key Recovery System on the assumption that each Key Recovery Agent may have “same” or “difference” in system availability and security level agreement. The design circumstantial is to improve existing sharing technique to achieve lower time consumption, smaller space required to keep the secret for each agent and maximize the utilization of unused agent for backing up or increase security level of the system.
In summary with proposed single-level key distribution technique,the experimentalresults showthat: Proposed system has smaller secret sharing size at all conditions of secret length, n,k threshold. Sharing construction time is better in all condition of tested n,k threshold and less sharing construction time from 64 bits secret’s length and above. System availability increased due to there is no signal group number required for each shared secret. Meaning that, user could be able to request for the service from any available Key Recovery Agents, no requirement to recheck for group matching of shared secret prior to ask for the key component.
With the assumption ofdifferencein system availability and security level agreement for each Key Recovery Agent, Multi-Level Key Distribution has been proposed to support this assumption. The system allows sharing small size of the secret key in 25%, 50%, and 75%. Then distribute to Key Recovery Agents un-equally based on their system availability and user’s trust. On the whole, the entire shared secret key can be combined to be 100% of original secret key. Shared secret from proposed Single and Multi-Level Key Distribution techniques are very secure, as there is no parts of the original secret key contain in any shared secret.
The proposed algorithm provide the advantages in higher security demand in term of secrecy of shared secret key, higher flexibility secret key management such as capability to managed unused agents as mirror backup, multilevel-level key distribution by having secret’s portion to high trusted and low trusted agents. Higher system performance for larger bit length requires. Further research in secret distribution management to maximize system security and minimize time consumption is required in our approach.
References
[1] Abelson, H.; Anderson, R.; Bellovin, S.; Benalob,J.; Blaze, M.; Diffe,W.; Gilmore, J.; Neumann, P.; Schiller, J.; Schneier, B. (1997): The risks of key recovery, key escrow, and trusted third-party encryption, World Wide Web Journal - Special issue: Web security: a matter of trust, Volume 2 Issue 3, Summer 1997, pp 241-257.
[2] Aldosary, S.; Howells, G. (2012): A robust multimodal biometric security system using the polynomial curve technique within Shamir’s Secret Sharing Algorithm, 3rd International Conference on Emerging Security Technologies, pp.66-69.
[3] Bai,L. (2006): A strong ramp secret sharing scheme using matrix projection, Proceedings of the 2006 International Symposium on a World of Wireless, Mobile and Multimedia Networks, pp. 652-656.
[4] Barbosa,M.; Farshim, P. (2005): Efficient Identity-Based Key Encapsulation to Multiple parties, Lecture notes in computer science(0302-9743), pp.428.
[5] Blakley, G. (1979): Safeguarding cryptographic keys, Proc AFIPS, vol. 48, pp.313-317.
[6] Clark, A. (1997): Key Recovery – Why, How, Who?, Computer and Security, Vol.16, No. 8, pp. 669-674.
[7] Denning, D. (1994): The US Key Escrow Encryption Technology, Computer Communication, Vol.17, No.7, pp.453-357.
[8] Denning, E; Branstad,D. (1996): A Taxonomy for Key Escrow Encryption Systems, Communication of the AMC, Vol.39, No.3, pp.34-40.
[9] Denning, D.; Branstand, D. (1996): A Taxonomy for Key Recovery Encryption System, communication of ACM, Vol.39, No.3, pp.34-40.
[10] Denning, D.; Smid, M. (1994): Key Escrow Today, IEEE Communications Magazine, Vol. 32, No.9, pp.58-68. [11] Geansan, R.(1996): How To Use Key Escrow, Communication of the ACM, Vol.39, No.3, pp.34-40.
[12] Greene,K.; Bounds,H. (1983): On Sharing Secret System, IEEE Trans. Information Theory, No.29(1),pp.35-41. [13] Gove,R. (1998): Introduction to Encryption Technology, Data Security Management, No.4.
[14] He, J.; Dawson, E. (1995): A New Key Escrow Cryptosystem, Lecture Note in Computer Science, Vol.1029,pp.105-113.
[15] Jefferies, N.; Mitchell, C.; Walker, M. (1995): Proposed Architecture for Trusted Third Party Services, Lecture notes in Computer Science, Vol.1029, pp.98-104.
[16] Kanyamee, K.; Sathitwiriyawong, C. (2009): High-Availability Decentralized Multi-Agent Key Recovery System, 8th IEEE/ACIS International Conference on Computer and Information Science, pp. 290-294.
[17] Krakowsky,B.; Doto, J. (2007): RAID Technology and Data Storage Today Book.
[18] Kurihara, J.; Kiyomoto, S.; Fukushima, K.; Tanaka, T. (2008): A New (k,n)-Threshold Secret Sharing Scheme and Its Extension, In Proceedings of the 11th international Conference on information Security (Taipei, Taiwan), Vol.5222, pp.455-470.
[19] Lee, Y.; Laih, Y. (1997): On the key recovery of the Key Escrow System, Proceeding of 13rdAnnual Computer Security Applications Conference, pp.216-220.
[20] Lim, S.; Ham, H.; Kim, M.; Kim, T. (2001): Design of Key Recovery System Using Multiple Agent Technology for electronic commerce,ISIE, Vol.2, pp.1351-1356.
[21] Lim,S.; Kang,S.;Sohn,j. (2003): Modeling of Multiple Agent based Cryptographic Key Recovery Protocol, Proceeding of 19th Annual Computer Security Applications Conference, pp.119-128.
[22] Lv,C.; Jia,X.; Tian, L.; Jin,J.; Sun,M. (2010): Efficient Ideal Threshold Secret Sharing Schemes Based on EXCLUSIVE-OR Operations, Proceeding of 4th International Conference on Network and System Security,” pp.136-143.
[24] Mojoumian, M.; Stinson,D.; Grainger, M. (2010): Unconditionally Secure Social Secret Sharing Scheme, IET Information Security, Special Issue on Multi-Agent and Distributed information, pp.202-211.
[25] Narano,S. (2013): Social Secret Sharing for Resource management in Cloud, ARXIV:1302.1185.
[26] Peiter, M.; Jajodia, S. (2001): An Authorization Model for a Public Key management Service, ACMM Transaction on Information and System Security, pp.453-482.
[27] Sharmir, A. (1979): How to share a secret, Communication of the ACM,Vol. 22 Issue 11, pp. 612-612.
[28] Walker, S.; Lipner, W.; Ellison, C.; Balenson, D. (1996): Commercial Key Recovery, communication of ACM, Vol.39, No.3,pp. 41-47.
[29] Wang, K.; Zou, X.; Sui, Y. (2009): A Multiple Secret Sharing Scheme based on Matrix Projection, 33rd IEEE International Computer Software and Application Conference, pp.400-405.
