1. Field of the Invention
The present invention relates to techniques for encrypting and decrypting data. More specifically, the present invention relates to a method and an apparatus for encrypting data and managing keys to facilitate securely forgetting secrets.
2. Related Art
To ensure data is not lost prematurely, it is common to create multiple backup copies of the data. However, it is also desirable in some cases to ensure that data, once deleted, is not recoverable. This can be a rather complicated task if backup copies of the data are created and stored at different locations.
This problem can be solved by only storing the data in encrypted form. In this way, destroying the data is reduced to the somewhat easier problem of deleting the key that is required to decrypt. However, long-term user keys can, over time, be obtained by an adversary through compromise or coercion. To remedy this problem, it is possible for keys to be kept in tamper-resistant smart cards, in which case it is not feasible to covertly discover the keys.
Unfortunately, smart cards have limited storage space, which makes it impractical to store a large number of keys on a smart card. This restriction significantly limits the capabilities of a system that uses a smart card to manage keys. In particular, this restriction makes it hard to securely delete data items “on-demand.”
To securely delete a given data item on-demand, it is desirable to encrypt the given data item so that it can only be decrypted with a data-item-specific key, wherein this data-item-specific key can only be used to decrypt the given data item, and cannot be used to decrypt other data items. In this way, deleting the data-item-specific key only makes the given data item unreadable, and does not affect other data items, which can be decrypted with other keys. However, it is not possible to store a large number of data-item-specific keys on a smart card.
Hence, what is needed is a method and an apparatus that facilitates making data unreadable “on-demand,” and also provides the protection of a smart card for the keys.