Rivest suggested the idea of multi-grade cryptography, which lets a cryptosystem present multiple levels of security under different circumstances. For instance, to an external law enforcement agent, the cryptosystems of the users in an organisation might show a high level of security (e.g., equivalent to a 64-bit key-search). Once this high-level security ``shell'' is broken with a non-tivial effort, each user's key becomes an easier computational problem (e.g., 40-bit key-search). To any other parties who cannot afford to break the shell, user security is an intractable problem. An important point in muti-grade cryptgraphy is that the external law enforcement agent should only need to break the an organisation's shell once.
We construct an example of multi-grade cryptography for integer factorisation based cryptosystems. In our system, the private keys of all users in an organisation share a single secret - the shell which once broken enables them to be factored. The nontrivial requirement here is to prevent the users, who know their own private keys, from computing the hard shell.