A business must be able to retrieve encrypted data when users lose their decryption keys. This means that the enterprise to which the user belongs requires a system for backing up and recovering the decryption keys. There are two reasons why key backup and recovery are so important to businesses.

The first reason is that users forget passwords. It is potentially catastrophic for a business to lose data when users forget the passwords required to access their decryption keys. Valuable information would be lost forever if there were no way to securely recover those keys. Furthermore, unless users know they can always recover their encrypted data (even if they forget their passwords), some users will not encrypt their most valuable and sensitive information for fear of losing it, even though that information needs protection the most.

The second reason is that users may lose, break, or corrupt the devices in which their decryption keys are stored. For instance, if a user's decryption keys are stored on a magnetic card, the magnetic field on the card can become corrupted. Again, permanent loss of those decryption keys can be disastrous.
Users are prevented from recovering encrypted data unless their decryption keys are backed up.
The difference between key backup and key escrow
Commercial requirements for key backup and recovery are completely separate from law enforcement requirements for "key escrow", a topic widely discussed in the media. Key escrow means that a third party (such as a federal agent) can obtain the decryption keys required to access encrypted information. The purpose of key escrow is to assist law enforcement, and it is a heavily debated topic because of the fine line between issues of public interest (such as national security) and individual freedom and privacy. Key backup and recovery requirements, by contrast, focus on fundamental commercial needs that exist regardless of law enforcement requirements.
Which keys require backup?
The only keys requiring backup are users' decryption keys. As long as a trusted agent (for example, the CA) securely backs up users' decryption keys, security is not compromised and the user's data can always be recovered. Signing keys, however, have different requirements from decryption keys. In fact, as the next section describes, backing up signing keys destroys a basic requirement of a PKI: a signature can only be attributed to its signer if no one else has ever held the signing key.
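The separation described above, as an added example written for this page (it is not code from the original document or from any particular PKI product): a user holds two independent key pairs, and only the decryption key is ever wrapped into a backup record for the trusted agent. The wrapping scheme is an assumption for illustration, since the text does not prescribe one: the PKCS#8 encoding of the decryption key is sealed under a fresh AES-256-GCM key, which is in turn encrypted with RSA-OAEP to the agent's public key. The type and function names (`UserKeys`, `BackupRecord`, `BackupDecryptionKey`, `RecoverDecryptionKey`) and the OAEP label value are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

// UserKeys holds the two independent key pairs a PKI user owns. Only
// DecryptionKey is ever handed to the backup service; SigningKey stays with
// the user alone, so a signature can never be attributed to anyone else.
type UserKeys struct {
	DecryptionKey *rsa.PrivateKey
	SigningKey    *ecdsa.PrivateKey
}

// BackupRecord is what the trusted agent (for example, the CA) stores. The
// decryption key is sealed under a fresh AES-256 key, which is in turn
// encrypted to the agent's RSA public key, so only the agent can open it.
type BackupRecord struct {
	WrappedKEK []byte // AES key, RSA-OAEP encrypted to the agent
	Nonce      []byte // AES-GCM nonce
	WrappedKey []byte // PKCS#8 DER of the decryption key, AES-GCM sealed
}

var kekLabel = []byte("decryption-key-backup") // hypothetical OAEP label binding the ciphertext to this purpose

// GenerateUserKeys creates separate decryption and signing key pairs.
func GenerateUserKeys() (*UserKeys, error) {
	dec, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	sig, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &UserKeys{DecryptionKey: dec, SigningKey: sig}, nil
}

func newGCM(kek []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(kek)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// BackupDecryptionKey builds the record the user sends to the agent. It takes
// only the decryption key: the signing key has no backup path at all.
func BackupDecryptionKey(dec *rsa.PrivateKey, agentPub *rsa.PublicKey) (*BackupRecord, error) {
	der, err := x509.MarshalPKCS8PrivateKey(dec)
	if err != nil {
		return nil, err
	}
	buf := make([]byte, 32+12) // AES-256 key followed by a standard 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	kek, nonce := buf[:32], buf[32:]
	gcm, err := newGCM(kek)
	if err != nil {
		return nil, err
	}
	wrappedKEK, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, agentPub, kek, kekLabel)
	if err != nil {
		return nil, err
	}
	return &BackupRecord{WrappedKEK: wrappedKEK, Nonce: nonce, WrappedKey: gcm.Seal(nil, nonce, der, nil)}, nil
}

// RecoverDecryptionKey is run by the agent, after it has authenticated the
// user out of band, to hand the decryption key back to a user who lost it.
// A record wrapped to a different agent, or one that has been tampered with,
// is rejected rather than yielding a wrong key.
func RecoverDecryptionKey(rec *BackupRecord, agentPriv *rsa.PrivateKey) (*rsa.PrivateKey, error) {
	kek, err := rsa.DecryptOAEP(sha256.New(), nil, agentPriv, rec.WrappedKEK, kekLabel)
	if err != nil {
		return nil, fmt.Errorf("recovery failed: this agent cannot unwrap the backup: %w", err)
	}
	gcm, err := newGCM(kek)
	if err != nil {
		return nil, err
	}
	der, err := gcm.Open(nil, rec.Nonce, rec.WrappedKey, nil)
	if err != nil {
		return nil, fmt.Errorf("recovery failed: backup record is corrupt or tampered with: %w", err)
	}
	key, err := x509.ParsePKCS8PrivateKey(der)
	if err != nil {
		return nil, err
	}
	dec, ok := key.(*rsa.PrivateKey)
	if !ok {
		return nil, fmt.Errorf("backup did not contain an RSA decryption key")
	}
	return dec, nil
}
```

A practitioner would run `BackupDecryptionKey` at enrolment time, before the user encrypts anything, and invoke `RecoverDecryptionKey` only from the agent's side after an out-of-band identity check; the signing key is simply replaced with a freshly generated one if the user's device is lost, since nothing signed earlier depends on it being recoverable.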