Skip to main content

Register Escrow User Account

In this section
  • How to register an escrow user account.
  • Manage escrow permissions.
  • Key escrow principles.

Register an Escrow User Account

To create an escrow user account in tiCrypt, follow these steps:

  1. Open Connect Application.
  2. Select your deployment card.
  3. In the login window, select the Escrow category.
  4. Click the Create new escrow account button in the center.
  5. Select the escrow group assigned to you by your admin.
  6. Click Continue to account information.
  7. Enter your first and last name along with your email address.
  8. Click Continue to password.
  9. Next, enter your password twice to confirm.
  10. Click Continue to optional information.
  11. Enter your optional department and position.
  12. Click Review account.
  13. Review your information and click on the field you want to update.
  14. Once you update the field, click the Return to review button.
  15. Click Finish registration to proceed.
  16. Select the folder for your public-private key pair and click Save.
  17. Click the Redownload CSR or private key button to re-download the keys.
  18. Click Continue to escrow.
  19. Wait for the Site-Key Admin to activate your account.
  20. Once active, click Load key on the login page.
  21. Open the key file that you saved locally.
  22. Enter your account password.
  23. Click Login.
tip

Ensure you know which escrow group you belong to before creating an escrow user account.

Delegate Escrow Permissions

To delegate escrow permissions to an admin, follow these steps:

  1. Login to your user account with admin or super-admin role.
  2. Go to Management icon in the top left panel.
  3. Select Users section.
  4. Select Users.
  5. Find and select the user with admin role you wish to delegate escrow permissions.
  6. Click the Open Full Menu three-dot button in the top right panel.
  7. Next, select Open Overlay.
  8. In the overlay, select Profile & Permissions card in the left panel.
  9. Go to the sections Basic Key Escrow and Key Esrow Administration.
  10. Select the following permissions as needed:
  • Escrow own key
  • Check if own key is escrowed
  • View all escrowed keys in the system
  • List escrow recovery key
  • Delete escrowed keys
  • View escrowed keys
  • View Escrow groups
  • View Escrow users
  • Escrow public key
  • View history of all Sitekey-authorized Escrow actions
  1. Once done, click Save in the top right panel.
danger

The Delete escrowed keys action should only be performed by Super-Admins.

caution

Only users with Admin or Super-Admin roles should manage escrow permissions.

Key Escrow in tiCrypt

tiCrypt employs a comprehensive security model where all resources are encrypted using AES-256 encryption, complemented by public-key cryptography for key management. Each user possesses a private key to decrypt their specific encryption key. If a user's key is lost or withheld, the data becomes irretrievable due to the encryption.

To address potential key loss or legal requirements for data access, tiCrypt integrates a key escrow system that enables the recovery of user private keys, thereby restoring data access. The following points outline the principles and structure of tiCrypt's key escrow system.

Design Principles

  • Cryptographic Security: Utilization of encryption and digital signatures is prioritized over access control lists.
  • Separation of Duties: Key recovery processes require multiple authorized individuals to prevent unauthorized access if a user's credentials are compromised.
  • Limited Administrator Role: System and tiCrypt administrators have minimal involvement in key recovery to enhance backend security.

Roles in Key Escrow

  • Escrow Users: Perform tasks like sharing key segments and recovering keys. They require all parts of a key to initiate recovery.
  • Site-Key Administrator: Assigns and organizes escrow user roles into groups.
  • tiCrypt Administrators: Execute the escrow process as authorized by the site-key administrator.

Escrow Process

  1. Initiation: tiCrypt administrators activate escrow by setting a user's state to Escrow On Login.
  2. Key Decryption: Occurs when a user logs in and their private key is decrypted.
  3. Key Generation: A random AES-256 key is generated for each escrow group.
  4. Master Key Creation: A master AES-256 key is formed by combining all group keys.
  5. Encryption and Storage: The user's private key is encrypted with the master key and stored on tiCrypt's backend.
  6. Key Sharing: Each group key is cryptographically divided among the escrow users within the group and securely stored in the backend.

De-Escrowing

  • Key Recovery: Escrow users retrieve and reconstruct the master AES-256 key by piecing together their respective group keys.
  • Decryption: The master key decrypts the stored user's private key, which is then used to access the encrypted data.

Participation Requirement

At least one member from each escrow group must participate in key recovery to ensure multi-party verification and security.

This structured approach ensures that tiCrypt's key escrow system meets security thresholds, adheres to regulatory compliance requirements, and provides a robust fail-safe for data recovery in extreme scenarios, offering reassurance to users and clients.

Upon account registration, escrow users select an escrow group assigned by the site-key admin. No escrow action can be taken before the escrow user key is activated by the site-key admin.

If even one escrow user from a group is unable or unwilling to participate in key de-escrowing, the lost user's private key cannot be recovered. This highlights the critical role each escrow user plays in ensuring the security and recovery of user data, fostering a sense of responsibility and trust.