The present application describes systems and techniques relating to cryptographic keys, for example, encryption keys used for offline access in a document control system.
Document control systems provide persistent control over access to documents. At a basic level, these systems work by encrypting each document with a cryptographic key and storing the cryptographic key on a server. When a user wishes to access a document, they first authenticate against a server. The server determines if the user has permission to access the specified document and, if so, returns the key needed to open the document. Otherwise, the document remains encrypted and inaccessible.
However, because users are not always online, document control systems typically also provide the option of enabling documents to be accessed when offline. Offline access is accomplished by caching keys on a client machine that can unlock documents that the user is permitted to access. In some systems, a separate key is cached on the client for each document. In other systems, the keys cached on the client may correspond to policies (e.g., company confidential) that grant access to the user or to groups of which the user is a member. The principle behind this approach is that the number of policies or groups in the system is much smaller than the number of documents and, therefore, many fewer keys need to be downloaded from the server and cached on the client, thus offering added scalability. Examples of such systems include those provided by Liquid Machines and Sealed Media.
In addition, many systems also provide re-keying functionality, in which the keys used by the system can be changed in order the limit potential damage in the event that keys are compromised (e.g., a client machine may be infected by a virus that makes the cached keys accessible or a laptop with cached keys may be stolen). Moreover, in various communications systems, such as satellite television systems, virtual private network (VPN) systems and Internet-based Secure Sockets Layer (SSL), encryption keys are periodically re-keyed to limit the value of a compromised key. In such systems, once a key is changed, the old key becomes obsolete.