I have heard that in enterprises it is common that the IT admin has a master passphrase that can unlock any content that an employee encrypts.
It would be temping to think, that the IT admin's passphrase is encrypted with the employees passphrase, but then the IT can't change his passphrase.
How does such encryption actually work?
Is there a cryptographic secure method of doing this?
Another method to the ones described above would be ID-based encryption where a trusted third party, called the Private Key Generator (PKG), generates the corresponding private key based on the user's identity (whether it be domain name or email address).
Given the master public key, any party can compute a public key corresponding to the identity ID by combining the master public key with the identity value. To obtain a corresponding private key, the party authorized to use the identity ID contacts the PKG, which uses the master private key to generate the private key for identity ID. If only part of the master private key is used to generate the corresponding private key, then the PKG can generate two private keys by using different parts of the master key. That way, the user will have one private key, and management the other.
Whether or not this is secure depends on how much you trust the third party PKG.
For further information, have a look at the following link.
Also have a look at the following article:
Identity-Based Encryption from the Weil Pair
If you do a search on the title, you should be able to find the associated PDF.
In general, the process goes like this:
Some of the keys the data encryption key is wrapped to could be generated from passwords via some secure password based key derivation method, such as PBKDF2.
Disclaimer: I don't know if this is really done as I write here, these are just some guesses.
One idea would be that in a file header the actual key used for encryption (the "session key") is encrypted with both the employees passphrase and the IT admin's passphrase (in parallel). Then it is enough to know one of the passphrases to decrypt the whole document.
Of course, this is easier to do if this key encryption (at least the admin part) is done with asymmetrical algorithms (like RSA) (since otherwise the employee, or at least the encryption software, would need the admin's passphrase). So we encrypt the session key with the admin's public key, and the admin then can decrypt it with his own private key, if needed.
Similar things are done when you send a PGP-encrypted email to several recipients.