Encryption is the process of transforming data to make it unreadable to anyone who does not possess special knowledge. This special knowledge is often referred to as a key that unlocks the protected data. Encryption is used to restrict data access to authorized users in a variety of civilian and governmental databases and network systems such as for example mobile telephone networks, bank automated teller machines, and Internet e-commerce. Encryption is also used in digital rights management to restrict the use of copyrighted material, as well as with software to protect against software piracy and reverse engineering.
In many countries operators and Internet service providers are required to retain data traffic generated from public telecommunication networks including Internet services. Authorized law enforcement agencies may legally access this retained data from service provides for a variety of reasons, such as the detection, investigation, and prosecutions of a wide range of criminal offenses or conspiracies. Due to various national laws, as well as for security and privacy reasons, access to this retained data should be restricted to authorized entities, such as law enforcement agencies. To maintain the security of the retained data, it is stored in encrypted form.
When an authorized entity seeks specific retained data, related, for example to a single phone call made by a single individual, it must be located from within a database that may be extremely large. When this encrypted retained data is stored in file systems, databases, or other storage forms, it is not possible to perform a search for this data based on partial matching criteria. As a result, search inquiries must include an exact match of the search term. This results in a slower and less efficient search. Furthermore, encryption keys are susceptible to attacks from unauthorized entities such as hackers. In the event of an attack, the encryption key must be changed. This requires decryption with the old key of an the entire database, followed by re-encryption of the entire database with a new key. This too is a timely, costly, and inefficient process.