Escrow Users

What is the Overall Key Escrow Process in tiCrypt?

tiCrypt employs a comprehensive security model in which all resources are encrypted with AES-256, complemented by public-key cryptography. Each user holds a private key that decrypts the encryption keys protecting their resources. If that private key is lost or withheld, the encrypted data cannot be recovered.

To address potential key loss or legal requirements for data access, tiCrypt integrates a key escrow system that enables the recovery of user private keys, thereby restoring data access.

What are the Escrow Design Principles?

  1. Cryptographic Security: Protection relies on encryption and digital signatures rather than on access control lists.
  2. Separation of Duties: Key recovery processes require multiple authorized individuals to prevent unauthorized access if a user's credentials are compromised.
  3. Limited Administrator Role: System and tiCrypt administrators have minimal involvement in key recovery to enhance backend security.

What are the Roles in the Escrowing Process?

  1. Escrow Users: Perform tasks like sharing key segments and recovering keys. They require all parts of a key to initiate recovery.
  2. Site-Key Administrator: Assigns and organizes escrow user roles into groups.
  3. tiCrypt Administrators: Execute the escrow process as authorized by the site-key administrator.

What are the Escrow Phases?

  1. Initiation: tiCrypt administrators activate escrow by setting a user's state to Escrow Upon Login.
  2. Key Decryption: Occurs at the user's next login, when their private key is decrypted.
  3. Key Generation: A random AES-256 key is generated for each escrow group.
  4. Master Key Creation: A master AES-256 key is formed by combining all group keys.
  5. Encryption and Storage: The user's private key is encrypted with the master key and stored on tiCrypt's backend.
  6. Key Sharing: Each group key is cryptographically divided among the escrow users within the group and securely stored in the backend.

What are the Key De-Escrowing Phases?

  1. Key Recovery: Escrow users retrieve and reconstruct the master AES-256 key by piecing together their respective group keys.
  2. Decryption: The master key decrypts the stored user's private key, which is then used to access the encrypted data.
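The escrow and de-escrow phase lists above, as an added Go example that is not tiCrypt's own code: each group key is split into one share per escrow user, the master key is derived from all group keys, and the user's private key is sealed under it with AES-256-GCM. The XOR n-of-n splitting scheme, the SHA-256 combining step and the function names are assumptions, since the page does not specify them.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
)

// Escrow draws a random AES-256 key per group, splits it among that group's members
// (XOR n-of-n sharing is an assumption: every share is needed) and seals the private key.
func Escrow(privateKey []byte, groupSizes []int) ([]byte, [][][]byte) {
	h, shares := sha256.New(), make([][][]byte, len(groupSizes))
	for g, n := range groupSizes {
		key := make([]byte, 32)
		rand.Read(key)
		h.Write(key) // the hash copies key, so the buffer can be reused below
		shares[g] = make([][]byte, n)
		for i := 0; i < n-1; i++ {
			shares[g][i] = make([]byte, 32)
			rand.Read(shares[g][i])
			subtle.XORBytes(key, key, shares[g][i])
		}
		shares[g][n-1] = key // last share = group key XOR all random shares
	}
	// Master key: SHA-256 over all group keys in group order (combining step assumed).
	block, _ := aes.NewCipher(h.Sum(nil))
	gcm, _ := cipher.NewGCM(block)
	nonce := make([]byte, gcm.NonceSize())
	rand.Read(nonce)
	return gcm.Seal(nonce, nonce, privateKey, nil), shares
}

// Recover rejoins each group key from all of its members' shares and opens the
// sealed key; a missing or altered share yields a wrong master key and GCM fails.
func Recover(sealed []byte, shares [][][]byte) ([]byte, error) {
	h := sha256.New()
	for _, group := range shares {
		key := make([]byte, 32)
		for _, s := range group {
			subtle.XORBytes(key, key, s)
		}
		h.Write(key)
	}
	block, _ := aes.NewCipher(h.Sum(nil))
	gcm, _ := cipher.NewGCM(block)
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], nil)
}
```

Because GCM authenticates the ciphertext, a recovery attempt with an incomplete or altered set of shares returns an error rather than a silently wrong private key.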

How Many Escrow Users Must Participate in the Escrow Process?

At least one member from each escrow group must participate in key recovery to ensure multi-party verification and security.

This structured approach ensures that tiCrypt's key escrow system meets security thresholds, adheres to regulatory compliance requirements, and provides a robust fail-safe for data recovery in extreme scenarios, offering reassurance to users and clients.

Upon account registration, escrow users select an escrow group assigned by the site-key admin. No escrow action can be taken before the escrow user key is activated by the site-key admin.

If even one escrow user from a group is unable or unwilling to participate in key de-escrowing, the lost user's private key cannot be recovered. This highlights the critical role each escrow user plays in ensuring the security and recovery of user data, fostering a sense of responsibility and trust.