This invention relates to cryptographic key management and in particular to the scheduling of changes to cryptographic keys in a business system.
Such a business system may simply involve flow of business data from one computer system (a source system) to another computer system (a destination system), although in practice the data flow may be part of a much more complex system. Various techniques, such as symmetric or asymmetric encryption, or digital signatures, may be used to protect the integrity (confidentiality) of the data. Digital signatures also provide authentication of data, i.e. that it came from a particular source.
In symmetric encryption the same key is used to decrypt data as was used to encrypt it, so the key must be known only to the sender and the recipient.
In asymmetric encryption data is encrypted with one key and decrypted with another, these being the private key and the public key. Only the owner of the private key can decrypt data encrypted with the public key. Thus anyone can encrypt a message with the public key and be sure that the encrypted message can only be decrypted by the intended recipient. However, if the owner of the private key encrypts data with the private key, it can be decrypted by anyone using the public key. The fact that the process yields valid data proves that the message came from the owner of the private key and thus the encrypted data can be construed as a signature of the private key owner.
Digital signatures are similar to asymmetric encryption in that a two-part key is used, one being public and the other private. The owner of the private key uses it to generate a signature which it attaches to some other data. A recipient of the data can use the public key to verify the data came from the owner of the private key. Thus when using digital signatures (DS), the source system may use a private key DSPR to sign outgoing data and the destination system may use a public key DSPU to verify incoming data.
In practice the cryptography may be more complex. For example, the source system may embed a public key certificate in the signature it sends with each message. This certificate would be used to verify the data and would itself be verified against a Certification Authority public key, which effectively plays the same role as the DSPU.
The management of all keys is under the control of a security officer of the business system, who uses automated or manual procedures and protocols to arrange for delivery and installation of key material.
Good cryptographic practice requires all keys be changed at regular intervals, but if a key becomes compromised then it needs to be changed at other than the appropriate regular interval. The present invention is concerned with scheduling changes to keys which can take into account the possibility of unscheduled changes having occurred.
According to one aspect of the present invention there is provided a cryptographic key management method for use with a computer system including a first computer system and a second computer system, data flow from the first computer system to the second computer system being protected by cryptographic means employing one or more keys, wherein the or each key is scheduled to be changed at a respective scheduled time, but can be changed earlier at an unscheduled time if required, and wherein the or each key has a respective lifetime, the method including the step of calculating, for each key, a respective expiry time from its key lifetime, and the step of calculating a respective scheduled change time comprising a predetermined time before the expiry time.
According to another aspect of the present invention there is provided a computer system including a first computer system and a second computer system, data flow from the first computer system to the second computer system in use thereof being protected by cryptographic means employing one or more keys, the computer system further including a central system for generating the keys and delivering them to the first and second computer systems, the or each key having a respective lifetime and being scheduled to be changed at a respective scheduled time, although earlier unscheduled changes are possible, and comprising means for calculating, for each key, a respective expiry time from its key lifetime, and for calculating a respective scheduled change time comprising a predetermined time before the expiry time.
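The scheduling calculation described above can be sketched as follows. This is an added example, not code from the original text; it assumes that a key's lifetime runs from the time of its most recent change, and the class, function and key names and all dates are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass
class ManagedKey:
    name: str                # label for the key, e.g. "DSPR" as used in the text
    lifetime: timedelta      # the key's lifetime
    lead_time: timedelta     # the "predetermined time" before expiry
    last_changed: datetime   # assumption: the lifetime runs from the last change

    def __post_init__(self):
        if self.lead_time >= self.lifetime:
            raise ValueError("lead time must be shorter than the key lifetime")

    @property
    def expiry(self) -> datetime:
        return self.last_changed + self.lifetime

    @property
    def scheduled_change(self) -> datetime:
        return self.expiry - self.lead_time

    def change(self, when: datetime) -> None:
        """Record a key change, scheduled or unscheduled (e.g. after a compromise)."""
        if when < self.last_changed:
            raise ValueError("change time precedes the previous change")
        # Expiry and scheduled change time are derived from this value, so an
        # early change automatically moves the next scheduled change.
        self.last_changed = when


def keys_due(keys, now):
    """Return the keys whose scheduled change time has arrived, soonest expiry first."""
    due = [k for k in keys if now >= k.scheduled_change]
    return sorted(due, key=lambda k: k.expiry)


def demo():
    t0 = datetime(2024, 1, 1)  # constructed sample values
    signing = ManagedKey("DSPR", timedelta(days=90), timedelta(days=14), t0)
    sym = ManagedKey("SYM", timedelta(days=365), timedelta(days=30), t0)
    # Unscheduled change of the signing key on day 40.
    signing.change(t0 + timedelta(days=40))
    return t0, signing, sym
```

Without the unscheduled change the signing key would have been due on day 76; after it, the next scheduled change moves to day 116.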