A Key-Recovery System for Long-term Encrypted Documents

Confidentiality is often one of the primary requirements for electronic documents. Often, encryption is used for achieving these confidential documents. From the perspective of an electronic document system, key management for long-term encrypted documents could become problematic, especially for big organizations. There are a number of non-trivial issues to be handled by such a system. In particular, some of the encrypted confidential documents need to be stored for a long period of time. It is possible that the keys for accessing these documents may get loss or corrupted. On the other hand, storing duplicates of these keys may not be secure. To handle this problem, we propose an electronic document system, which makes use of cryptographic hardware tokens. In this paper, we will describe the key recovery mechanism for this system. We use the secret sharing scheme, and integrate it into our system. It securely protects longterm encrypted documents without sacrificing users¿ convenience or system¿s scalability. Prototype has been implemented, and preliminary results have been encouraging.