What is key recovery and why is it causing a fuss?
A number of governments, including those in the US and UK, have proposed key escrow or key recovery schemes. The aim of the schemes is to allow authorised officials to decrypt intercepted messages. Law enforcement and intelligence agencies argue that without this ability, criminals can abuse cryptography to conceal illegal activity from the law. Under key escrow, it would be mandatory for everyone using encryption products to provide a copy of their key to the government for law enforcement access. Under key recovery, the key would be kept by a third-party, generally a commercial service provider. Both systems generally claim that keys and/or plaintext would only be available to law enforcement with a court warrant. The basis of key escrow and key recovery is that all encryption keys are stored in key repositories where government officials can obtain copies of them for use in decrypting messages. There are significant privacy concerns with this approach. There are also major risks in
