Skip to main content

Escrow Users

What are Escrow Users?

Escrow Users are not typical users of the system. Escrow users are ones that are assigned an "Escrow role" by the site key user. For more about this role, please visit SiteKey.

Upon activating users in the system, admins must select a checkbox indicating to "escrow user's key" or "do not escrow". This essentially means that if the user loses their private key it was escrowed, it can be recovered. If the user's key was not escrowed and they lose it, they cannot recover it.

Admins can change the escrow state of users at any point. If a user lost a key and then the user escrows, that will not help to recover the key. The user must login using their private key in order for the backend to receive pieces of the key.

How does Escrow work?

Every user in tiCrypt has a private and public key. Public keys can and should be shared with other users as there is no risk in sharing a public key. There is, however, a huge risk in sharing a private key.

In order to explain why escrow works the way it does, it is common to explain it using the following story.

You live in your house. You want to give other people the key to you house in case you ever lose your own key. But you do not want anyone to be able to get into your house of you're not there. You can give a key to a friend, but they can still go behind your back and enter your house. The same goes with your family. You think about giving a half of one key to one of your friends, and the other half of the key to another friend. This could work, but what if the two friends collaborate, put the keys together, and enter the house. This solution does not suffice. You cannot issue the pieces of the key to people that are related/ know eachother. Hence, you give 1/3 of the key to a member of your family, 1/3 f the key to one of your friends, and 1/3 of the key to a coworker. None of the people in the 3 groups know each other nor do they know who holds the other parts of the key. This solution works. And the more pieces of key that the owner of the house issues out, the more secure their house will be.

The way that Escrow works in tiCrypt the same. We enforce a minimum of three escrow groups, yet we encourage more. Each time a user's key is escrowed, the backend receives "pieces" of it. If the user ever loses their private key, one member from each escrow group must get and put the pieces together. This solution ensures that no single individual can obtain another user's private key.

How to create an Escrow User

In order to create a new escrow user, the user must FIRST communicate with the Site-key admin in order to determine which escrow group they will be a part of. Once instructed to a group, the user should navigate to the escrow interface. They can do so by selecting the dropdown located at the top right side of the login box. This is defaulted to "tiCrypt". Once a user navigates to the correct interface, they can register by selecting the green "REGISTER" button. A pair of public and private keys will generate for the user. The user cannot proceed until the keys are fully generated. Next, the user selects their escrow group, their credentials, and a password. Finally, the user is directed to download and save both their private and public keys. At this step, there is a default name for both the public and private keys. The user may choose to download with the default or give each of their keys a name.

Create Escrow User

The escrow user must then email their public key to the site-key admin so they can create the request for the escrow user and sign it.

The site-key admin will drag in the escrow user's public key into the dashboard of the site-key interface dashboard. They will click the check box, sign it using their password, and download the signed request. Next, the site-key admin will email it to a super admin in the system. From there, a super admin must log in to the tiCrypt interface, go to the Management tab, and navigate to the "Signed Escrow Actions." The admin must select the plus icon located at the top right side of the screen and drag in the requested file that was emailed to them by the site-key admin. Once dropped, the super admin must sign by clicking the check box, and applying selected.