When a receiver of a ciphertext message can not decrypt the message due to the fact that he has lost his private-key, the private-key of the receiver and session-key of the message need to be recovered. In this paper, we demonstrate how we have modeled and analyzed a new type of multiple agent based key recovery protocol. It is characterized by key encapsulation approach, protocol generalization, secret choice of key recovery agents and fork/join of session-keys by random-keys. The proposed protocol is formally modeled by a new pictorial model, an Extended Cryptographic Timed Petri Net (ECTPN). Recoverability of a session-key as well as performance of the protocol is verified by using a reachability graph of the ECTPN.