Security Encyclopedia

Key Escrow

Key escrow is an arrangement in which the keys required to encipher and decipher information are held by a trusted third party, in addition to being held by the parties to a private conversation.

Under key escrow, encryption and decryption keys may be held in escrow by one’s government or employer. Upon a court order, or under suspicion of corporate or foreign espionage, the keys are released and used to review the communications or for real-time monitoring. Releasing the keys from escrow results in what is termed exceptional access: access granted for specified reasons such as national security or sensitive business discussions.
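The arrangement described above, as an added example that is not part of the original entry: two parties share a session key, an escrow agent keeps a sealed copy, and a release that succeeds only under a matching order is the exceptional-access path. `EscrowAgent`, its methods, and the key and order identifiers are hypothetical, and the HMAC-based cipher is a standard-library stand-in for a vetted AEAD.

```python
import hashlib, hmac, secrets

def _h(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 counter mode: stdlib-only stand-in; use a vetted AEAD in practice.
    ks = b"".join(_h(key, nonce + i.to_bytes(4, "big")) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key: bytes, msg: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_h(key, b"enc"), nonce, msg)
    return nonce + ct + _h(_h(key, b"mac"), nonce + ct)   # encrypt-then-MAC

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _h(_h(key, b"mac"), nonce + ct)):
        raise ValueError("authentication failed")
    return _xor_stream(_h(key, b"enc"), nonce, ct)

class EscrowAgent:
    """Hypothetical trusted third party holding a copy of each session key."""
    def __init__(self):
        self._vault_key = secrets.token_bytes(32)  # protects escrowed keys at rest
        self._vault = {}        # key_id -> sealed session key
        self._orders = set()    # (order_id, key_id) pairs accepted as valid
        self.audit_log = []     # every release attempt, granted or not

    def deposit(self, key_id, session_key):
        self._vault[key_id] = seal(self._vault_key, session_key)

    def authorize(self, order_id, key_id):
        # Assumption: the order was verified out of band before this call.
        self._orders.add((order_id, key_id))

    def release(self, order_id, key_id):
        granted = (order_id, key_id) in self._orders and key_id in self._vault
        self.audit_log.append((order_id, key_id, granted))
        if not granted:
            raise PermissionError("release refused: no order covers this key")
        return unseal(self._vault_key, self._vault[key_id])

def demo():
    session_key = secrets.token_bytes(32)      # held by both parties
    agent = EscrowAgent()
    agent.deposit("conv-1", session_key)       # the escrowed copy
    wire = seal(session_key, b"constructed sample message")
    agent.authorize("order-A", "conv-1")
    return agent, wire, unseal(agent.release("order-A", "conv-1"), wire)
```

The audit log records refused attempts as well as granted ones, which is what lets a reviewer see whether the escrowed copy was requested outside an authorized release.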

Key escrow, also known as a “fair” cryptosystem, is a subject of long-term debate between those who find it natural in their sphere (e.g. the CIA) and online privacy advocates. Uncertainty surrounding key escrow with the NSA’s SKIPJACK algorithm in the Clipper Chip was one reason why the Clipper Chip, a backdoored chipset meant for inclusion in all US-manufactured cellphones, failed in the 1990s.


“The crypto community is skeptical of so-called ‘fair’ cryptosystems where there are intentional backdoors or keys escrowed by a party with a vested interest in retaining visibility. Privacy advocates, in particular, have cited key escrow as setting a bad precedent and actually being counterproductive to its aims since keys often find their way outside of the control of the government or business overseeing the encryption scheme.”