Government agencies may need access to encryption keys of users or organizations for court-authorized law enforcement purposes. However, because of privacy and efficiency issues, it is desirable for private businesses or individuals to maintain their encryption keys for their employees and customers and to allow for emergency key recovery and also to allow access by the government agencies only when such access is authorized by the courts. Furthermore, such access should be authorized only for as long as such a court order is valid, and only the government agency should have access to the actual key value. It is also desirable that when an encryption key is requested, that the user or device does not know it is being monitored by the government agency.
Accordingly, what is needed is a method that provides access by the government to an encryption key pursuant only to a valid court order. What is also needed is a method of providing access to an encryption key such that when encryption keys are provided to a government agency pursuant to a court order, only the agency has access to the actual key value. Furthermore, what is also needed is a method of providing access to an encryption key such that only authorized parties know the identity of the device or user being monitored. What is also needed is a method of providing access to an encryption key only for as long as a court order for such a key is valid. What is also needed is a method of providing access to an encryption key that provides an audit trail so that it can be verified that proper procedures have been followed during all steps of the key access process.
More generally, there is a need for securely providing encryption keys to an authorized party pursuant to an authorized request without the user's knowledge.