In the digital age, securing communications, documents, software, and other information from being disclosed to third parties is a critical component of many enterprises. Enterprises that transmit such information in the presence of potential adversaries may wish to delegate the authority to perform cryptographic functions to protect such information to employees within the enterprise, trusted third parties, or other entities for a specific number of cryptographic operations. Cryptographic functions may employ read-once keys (ROKs) to perform cryptographic functions that provide greater protection to encrypted information by only allowing such cryptographic functions to be performed a specific number of times.
The term ROK describes the notion that a cryptographic key can be read and used for encryption and decryption only once. While it seems intuitive that a trusted piece of software could be designed that deletes a key right after using it, such a scheme naïvely depends on the proper execution of the program. This approach could be easily circumvented by running the code within a debugging environment that halts execution of the code before the deletion occurs. That is, the notion of a ROK entails a stronger protection method wherein the process of reading the key results in its immediate destruction.
Cryptographers have proposed the notion of read-once keys (ROKs) as a beneficial tool for a number of applications, such as delegation of authority. The premise of ROKs is that the key is destroyed by the process of reading it, thus preventing subsequent accesses. The consensus among cryptographers is that ROKs cannot be produced by algorithmic processes alone. As such, there exists a need for a hardware-based system on chip and method for securely performing cryptographic functions using ROKs.