tiCrypt Admins Role in Key Escrow
tiCrypt administrators are tasked with managing key escrow activities to ensure the security and compliance of user data. Their responsibilities are clearly defined to maintain strict controls and prevent unauthorized access or modifications.
Primary Responsibilities:
- Escrow Activation: Administrators control the escrowing of a user's key by setting the user’s state to "Escrow on Login," which initiates the escrow process whenever the user logs in.
- Escrow Removal: They have the authority to remove existing user key escrows. This is done by deleting the encrypted group keys that have been shared with escrow users, effectively nullifying access to the escrowed keys.
- Order Execution: Administrators are responsible for applying orders that have been signed by the site-key administrator. These orders must be followed precisely as they are issued, without alterations.
Security and Compliance Considerations:
- Control Over Orders: While administrators can control the submission of site-key signed orders, they cannot modify these orders in any way. This ensures that the integrity of administrative actions is maintained.
- Security Violations: Submitting a valid but incorrectly signed certificate is considered a security violation and is automatically reported through the tiCrypt Audit system.
- Limited Role in De-Escrowing: The role of tiCrypt administrators in the de-escrowing process is intentionally restricted to prevent any potential misuse of power or access.
Set up a User Escrow Key
The tiCrypt escrow process is designed to minimize administrative power. Administrators will only sign the site key upon receiving it but cannot actively create escrow keys for users without the involvement of both the escrow groups and the site-key administrator.
To set an escrow key for a user, navigate to the tab in the Users section:
- Select the user you want to escrow the key for.
- Click the Change State button.
- In the prompt, select the Active on next login option.
- Click .
The escrow key will appear in the escrow group interface, separate from the main tiCrypt system. The generated escrow key will be used for private key recovery in the future and is now the responsibility of the escrow group and site-key admin.
If an admin refuses to change the user's state to Active and Escrow on Next Login, the escrow recovery key will not be generated, making future recovery of the user's account impossible.
View Escrow Users
To view escrow users, navigate to the tab in the Escrow Users section:
- View all existing escrow users.
- Only super-admins can access this management section.
- Deletion requests can only be made here.
Delete Escrow Users
For tiCrypt Admins:
- Navigate to the Escrow Users section in the management tab.
- Select the escrow user you wish to delete.
- Click the Create deletion request button.
- View the downloaded request file locally.
- Email the request file to the site-key admin.
For Site-Key Admins:
- Log in to the site-key interface.
- Click the button.
- Select the received request file from the super-admin.
- Click .
- Tick the Sign box.
- Type your password.
- Click .
- Email the signed request file back to the super-admin.
For tiCrypt Admins to Execute:
- Navigate to the Escrow Certificates section under the management tab.
- Click the Execute Signed Certificates button.
- Click and select the signed request file.
- Click .
- Click to finalize the deletion.
In the backend, the signed document states that this is an order to remove an escrow user. The site-key admin must always communicate with the tiCrypt admin regarding adding or removing an escrow user. Only signed orders from the site-key admin can control escrow users.
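The check a backend has to make before applying a signed order, shown as an added Go example that is not tiCrypt's own code. It assumes Ed25519 signatures and a JSON request layout; the names Order, SignedOrder, SignOrder, ExecuteOrder and auditLog are hypothetical, and the key seed and user names are constructed.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
)

// Order is a hypothetical request layout; the real tiCrypt file format is not shown on this page.
type Order struct {
	Action     string `json:"action"`
	EscrowUser string `json:"escrow_user"`
}

// SignedOrder carries the exact request bytes and the site-key signature over them.
type SignedOrder struct{ Payload, Signature []byte }

var auditLog []string // stand-in for the audit system

// SignOrder runs on the site-key side, the only place the private key is held.
func SignOrder(siteKey ed25519.PrivateKey, o Order) SignedOrder {
	payload, _ := json.Marshal(o) // cannot fail for a struct of two strings
	return SignedOrder{payload, ed25519.Sign(siteKey, payload)}
}

// ExecuteOrder is the backend check made when an admin submits a signed file.
func ExecuteOrder(sitePub ed25519.PublicKey, so SignedOrder, escrowUsers map[string]bool) error {
	// Verify the signature over the raw bytes before parsing or acting on them.
	if !ed25519.Verify(sitePub, so.Payload, so.Signature) {
		auditLog = append(auditLog, "SECURITY_VIOLATION: order signature does not verify")
		return errors.New("order rejected: bad signature")
	}
	var o Order
	if json.Unmarshal(so.Payload, &o) != nil || o.Action != "remove_escrow_user" || !escrowUsers[o.EscrowUser] {
		return errors.New("order rejected: malformed, unknown action or unknown escrow user")
	}
	delete(escrowUsers, o.EscrowUser)
	return nil
}

func main() {
	siteKey := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // constructed all-zero seed, demo only
	sitePub := siteKey.Public().(ed25519.PublicKey)
	users := map[string]bool{"escrow-alice": true, "escrow-bob": true}
	signed := SignOrder(siteKey, Order{"remove_escrow_user", "escrow-alice"})
	// An admin who edits the target user but keeps the old signature is rejected and audited.
	tampered := SignedOrder{[]byte(`{"action":"remove_escrow_user","escrow_user":"escrow-bob"}`), signed.Signature}
	fmt.Println(ExecuteOrder(sitePub, tampered, users), ExecuteOrder(sitePub, signed, users))
	fmt.Println(users, auditLog)
}
```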