CompTIA Security+ Exam Notes

CompTIA Security+ Exam Notes
Let Us Help You Pass

Wednesday, October 9, 2024

Key Escrow - Private Key

 Key Escrow


A key escrow is typically a third party that safely stores a copy of private keys. They use the M of N control. The M has to be greater than 1, and the N has to be greater than the M. For example, employing 5 trusted individuals (N) would require at least 2 (M), each having part of the key.

This is in case a private key is damaged or lost. Making multiple copies of the private key becomes challenging to manage and could lead to compromise if stored on organization media. 

A company could implement its key escrow by having multiple trusted employees with part of the key. Two or three of them could have USB drives with part of the key. 
Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)