tiCrypt Admins
tiCrypt Administrator Overview
tiCrypt administrators are the managers of the system and have a minimal role in the escrowing process.
The main actions concerning key escrow performed by tiCrypt administrators are:
- Control when/if the user's key is escrowed. This action is accomplished by setting the user's state to Escrow on next Login.
- Read escrow certificates of existing users by Viewing their certificates in JSON format.
- Remove existing user key escrows by Requesting deletion of the encrypted group keys shared with escrow users.
- Apply signed orders by Executing certificates from the site-key administrator.
The administrators can control submission of site-key signed orders but cannot change such orders.
Submitting valid but incorrectly signed certificates results in a security violation and is reported in tiCrypt Audit.
The role of the administrators for key de-escrowing is severely limited.
Set up a User Escrow Key
tiCrypt escrow process is designed to minimize admin power. The admins will only sign the site key when they receive it. However, they cannot actively create escrow keys for users without the involvement of both the escrow groups and the site-key administrator.
To set an escrow key for a user navigate to the tab in the Users
section.
- Select the user you want to escrow the key for.
- Click the
Change State
button in the top right. - In the prompt, select the
Active on next login
option. - Click .
The escrow key for the user will show up in the escrow group interface, which is separated from the tiCrypt main system. The generated escrow key will be used in the event of private key recovery in the future and is now the escrow group and site-key admin responsibility.
If an admin refuses to Change state
of the user to Active and Escrow on next login
, the escrow recovery key will never be generated in the first place, hence making it impossible to recover the user's account in the future.
You can also perform this action by selecting the user, and clicking on Open Overlay
in the top right panel, then clicking on Active
in the left panel and selecting the option Active and escrow on next login
in the prompt, then clicking on .
When an admin selects Escrow on Next login
:
- The backend triggers the message "you can only perform one action now which is escrowing the key." to frontend automatically.
- The frontend escrows the key in milliseconds.
- The user does not have to do anything except to login into the system.
Neither the site-admin nor escrow users can sign keys alone. They must collaborate to sign them together.
For newly created accounts, you should allow all users to get their keys escrowed if they lose their private key in the future.
To learn more about changing user state to escrow on the next login, please read the Admin Management- Change User State section.
View Escrow Users
To view the escrow users, navigate to the tab in the Escrow Users
section.
- View all existing escrow users in the system.
- Only Super-admins can view this management section.
- In this section, only deletion requests can be made.
Delete Escrow Users
1.First (Super admins only):
To delete an escrow user from the system navigate to the tab in the Escrow Users
section.
- Select the escrow user you would like to delete.
- Click the
Create deletion request
button in the top right. - View the downloaded request file in your local machine.
- Email the
request file
to the site-key admin.
2. Second (Site-key admin only):
- Log in to the site-key interface.
- Click the button in the top left card.
- In the prompt, select the received
request file
from super-admin. - Click .
- Tick the
Sign
box. - Type your password in the top right panel.
- Click .
- Email the signed
request file
back to the super-admin.
3. Third (Super admins only):
To execute the request file
navigate to tab in the Escrow Certificates
section.
- Click the
Execute Signed Certificates
button in the top right. - In the prompt, click .
- In the prompt, find and select the
request file
from site-key admin. - Click .
- Click .
Now, the escrow user is deleted and can no longer log in.
- In the backend the signed document simply says that "this is an order to remove an escrow user."
- The site-key admin must communicate with the super admin about adding or removing an escrow user at all times.
- Only signed orders from the site-key admin can control the escrow users.
View Escrow Certificates
The only action in this section is viewing the signed orders.
To view the signed orders navigate to tab in the Escrow Certificates
section.
- Select the escrow certificate you would like to view.
- Click
View Certificate JSON
in the top right. - In the prompt, view the certificate in JSON format.
- Click .
Upload Escrow Certificates
Before uploading an escrow certificate, send the generated .json
file to the site-key administrator for counter-signing. Wait for them to sign the order as described in the site-key admin escrow groups.
To upload a signed certificate navigate to tab in the Escrow Certificates
section.
- Click the
Execute Signed Certificates
button in the top right. - In the prompt, click .
- In the prompt, find and select the signed certificate from site-key admin.
- Click .
- Click .