Various types of data encryption systems exist for protecting data from unauthorized users. As an example, in data encryption standard (DES) encryption, a key is shared between a sender and a recipient. This key is referred to as a “shared secret” in that it is “shared” between the sender and recipient but is kept “secret” with respect to unfrosted users. The sender uses the key to encrypt data before sending it to the recipient, and the recipient, upon receiving the encrypted data, uses the key to decrypt the encrypted data. If an unauthorized user, sometimes referred to as a “hacker,” gains access to the encrypted data, it is very difficult for such a user to extract any useful information from the data without the key.
In pretty good privacy (PGP) encryption, data is similarly encrypted between a sender and a recipient. However, the sender and recipient each have a pair of keys, a private key and a public key. The public keys are exchanged between the sender and the recipient. These keys are “public” in the sense that they may be shared with untrusted users without compromising the security provided by the encryption. Each private key, however, is a “private secret.” In this regard, a private key is a “secret” in that it is not shared with untrusted users, and it is “private” in that it is not shared between the sender and the recipient. Ideally, only the sender is aware of his private key, and only the recipient is aware of his private key.
When sending data via PGP encryption, the sender randomly generates a session key and uses this session key to encrypt the data. The sender then encrypts the session key using the recipient's public key and transmits the encrypted data and the encrypted session key to the recipient. The recipient then uses his public key to decrypt the session key so that the session key can be used to decrypt the data. Although the public keys may be shared and known by others, it is important for each user to keep his or her private key secret since a private key can be used to decrypt the session key and, therefore, to ultimately decrypt the encrypted data.
There are various other key sharing encryption schemes that can be used to protect data being communicated between a sender and a recipient. However, a vulnerability of many of these encryption schemes is that secret keys used for encrypting and/or decrypting data are typically stored on a computer by the sender and/or recipient. Thus, it is possible for a hacker to employ known hacking techniques to access the data stored on such a computer and to thereby discover a secret key. The hacker may then use the key to extract useful information from encrypted data. Indeed, in order to recover a message defined by encrypted data, it is often much easier for a hacker to recover the message by finding the key that is needed to decrypt the data than it is for the hacker to break the encryption scheme.
Due to the vulnerability associated with hackers gaining access to secret keys, users are often encouraged to periodically obtain new encryption keys so that at least future messages can be protected from a hacker that has discovered a previously used key. However, periodically obtaining new encryption keys can be burdensome. Further, although a new encryption key can prevent a hacker from extracting useful information from future messages, obtaining a new encryption key does little to protect data that has been previously compromised due to a hacker finding a previously used key. Preventing a hacker from finding secret keys in the first place is a much more preferable solution.
Indeed, improvements to data security products, such as firewalls, hate been developed in an effort to prevent hackers from gaining access to sensitive data, such as secret keys, residing on user computers. However, hackers have shown an ability to develop new techniques to defeat improvements to these data security products and access information residing on user computers.
Moreover, better encryption techniques are generally desirable to enhance data security and reduce the likelihood that an unauthorized useful can extract useful information from encrypted messages.