1. Field of Invention
The present invention relates to a method for backing up and restoring an encryption key, in particular to a method for backing up and restoring an encryption key for data encryption/decryption generated by a trusted chip.
2. Description of Prior Art
Today, the society has entered the information age where the computer and network have been gradually applied to various fields. Accompanied by the progress towards higher information technology and the emergence of new network services such as electronic business, the society relies on the computer and network to a growing extent. As a result, information security plays a more important role in the information age, and the requirements on information security are highly strengthened.
The purpose of guaranteeing information security in a better fashion has brought about so-called trusted chip technology, which means providing a trusted chip within a computer so as to encrypt/decrypt data to be protected with the trusted chip. The ability of the trusted chip technology to guarantee information security can be attributed to two critical points. First, the trusted chip utilizes a preset algorithm to generate a random root key, which is firmed in the trusted chip in the form of plain text and operates only inside the trusted chip without any possibility of being read out of the chip. Next, the trusted chip generates a key for data encryption/decryption (hereafter referred to as “encryption key”), which can be exported from the trusted chip only after being encrypted with the root key. On the other hand, the encrypted encryption key can be decrypted with the corresponding root key and revert to its original appearance only after being imported into the trusted chip. In other words, the encryption key can encrypt/decrypt data to be protected only within a specified trusted chip, which is TPM (Trusted Platform Module) or a device similar to TPM.
From the above introduction, it is obvious that the trusted chip can ensure the security for data it encrypts, since the encryption key cannot exist outside the trusted chip in the form of plain text and be employed only within exactly this trusted chip. Due to this characteristic, however, some problems occur as follows.
Once the trusted chip is damaged or invalidated, it is impossible to obtain the encryption key whose existence depends on this trusted chip and thus to decrypt the encrypted data with this encryption key. That is, once the trusted chip is damaged or invalidated, anybody, even the user him/herself, cannot decrypt the encrypted data again, thereby leading to the unavailability of these data.
Although the data the user wants to protect are still present and not be stolen by the third party, it is unacceptable to the user that even he/she cannot access the data.