Cryptographic mechanisms provide security services for electronic data storage. Cryptography is the process of encrypting ordinary information, called plaintext, into unintelligible data, called cyphertext, and decrypting the cyphertext back to plaintext. An algorithm is used with auxiliary cryptographic information, such as a cryptographic key, to perform the encryption and decryption. While it may be difficult to keep an algorithm secret, a key is often easier to protect as it is typically a small piece of information that can be changed as needed to prevent security breaches. Keeping keys secret is part of the process of key management, which also includes the secure generation, exchange, storage, distribution, use, replacement, and destruction of keys. Just as a strong safe is only secure if the safe's combination is kept secret, a strong algorithm is directly dependent on secure key management to keep a cryptographic key secret.
In a traditional cryptographic service environment, a key management service provides cryptographic keys. For example, to encrypt plaintext or plain data into cyphertext or cypher data, first a master key is created and identified with a master key identifier. Next, a key can be generated from the master key to encrypt data, and the key management service can return the key both as a plain (unencrypted) key and as a cypher (encrypted) key, which was encrypted by the master key. The plain key can be used to encrypt plain data into cypher data, and the cypher data and the cypher key can be stored together and the plain key can be erased from memory. Later, to decrypt the cypher data, the cypher key can be transmitted to the key management service, which can decrypt the cypher key using the master key and return the plain key. The plain key can then be used to decrypt the cypher data, yielding the original plain data, and the plain key can be erased from memory. This traditional cryptographic service environment is advantageous because it ensures that, should there be unauthorized loss of the cypher data by a data vandal or cracker, the cypher data is useless to the vandal who does not possess the applicable key in plain form because only a cypher key in encrypted form is stored with the cypher data. In other words, with a key management system, the long-term storage of a plain key is stored in a different location than the storage of the cypher data, and users must authenticate themselves with the key management service provider to gain access to the plain key in order to decrypt the cypher data.
However, should a data breach of cypher data include access to an applicable plain key, then a vandal can decrypt the cypher data. For example, should a file such as a text document be encrypted, a vandal with the applicable plain key can decrypt the entire file and have access to the entire contents of the file. Similarly, if an entire database is encrypted, and the database consists of cells organized in columns and rows, then a security exploitation by a vandal could result in the vulnerability of all the cells in the database. On the other hand, each cell of a database could be encrypted with its own key, and a security attack by a vandal would limit the vulnerability to a single cell rather than the entire database. Thus, there is a need in the traditional cryptographic service environment to decide the granularity of the data to be protected, such as perimeter security of an entire database or interior security of, for example, tables, columns, rows, and/or cells. This decision of granularity is traditionally based on balancing competing requirements of security and performance.
In a traditional cryptographic service environment, computational performance is degraded by increased security overhead such as increased encryption operations. It is to be understood that sensitive data must be protected, or else an organization may face legal and brand consequences. Yet, if the real-world performance is impacted due to an encryption strategy, then the customer environment can be degraded, such as a restriction in the flow of authorized information, with a resulting market loss in business. In other words, an encryption solution in a traditional environment is not considered successful unless it includes acceptable performance. In a traditional balancing analysis, the encryption of data at a granular level, such as every cell of a database, is traditionally considered to have too large a performance workload and is thus traditionally considered an unsuccessful solution.
Accordingly, traditional balancing analysis includes an encryption overhead penalty that applies to the balancing of granular security with the cost of performance workload. One traditional balancing approach would be to have one key for an entire database, but if there are two hundred million user profiles in the database, then a breach with a stolen plain key would compromise all two hundred million profiles. In this unbalanced scenario, the performance would be weighted too high against such weak security.
A more balanced approach is to give security more weight without dramatically increasing performance overhead. This is traditionally done by limiting the groups of data that are encrypted, such as encryption at the column level. For example, a column of social security numbers may be encrypted into cyphertext, while a column of cities may be left in plaintext or in clear form that is unencrypted. Under this traditional balancing scenario, the performance overhead is increased to protect critical data groups such as social security numbers, while the security of those data groups is also increased. The convention that a city column usually does not need encryption is matched by the reduced performance overhead of leaving such a data group unencrypted. In other words, while encrypting a city column may be enticing due to perceived added protection, such encryption of data that falls outside of a security policy requirement may be detrimental to the processing economy of a computer system.
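The following is an added example, not part of the original text, that puts the three ideas above into working code: the envelope flow of the traditional key management service (a master key that never leaves the service, a data key returned in both plain and cypher form, the cypher key stored beside the cypher data), per-cell granularity so that one leaked plain key exposes only one cell, and a column-level policy that leaves non-sensitive columns such as a city in clear form. The `KeyManagementService`, `EncryptedCell`, `encrypt_table`, and `decrypt_cell` names are assumptions for the demonstration. The cipher is a stand-in built from HMAC-SHA256 (a keystream XOR plus an authentication tag) so the example runs on the Python standard library alone; a real deployment would use a vetted AEAD such as AES-GCM, and the envelope pattern is unchanged.

```python
"""Envelope encryption with a simulated key management service (KMS),
per-cell data keys, and a column-level encryption policy.

Added demonstration code, not from the original text. The cipher below
is an HMAC-SHA256 stand-in (keystream + tag) chosen so the file runs
with the standard library; substitute a real AEAD in practice.
"""
import hashlib
import hmac
import secrets
from dataclasses import dataclass

NONCE_LEN = 16
TAG_LEN = 32


def _subkeys(key: bytes) -> tuple[bytes, bytes]:
    """Derive separate encryption and MAC subkeys from one key."""
    enc = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac = hmac.new(key, b"mac", hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream: HMAC(enc_key, nonce || counter)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC. Output layout: nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; a wrong key fails closed."""
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or tampered data")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


class KeyManagementService:
    """Simulated KMS (assumed name). Master keys never leave this object."""

    def __init__(self) -> None:
        self._masters: dict[str, bytes] = {}

    def create_master_key(self) -> str:
        key_id = "mk-" + secrets.token_hex(4)  # constructed identifier format
        self._masters[key_id] = secrets.token_bytes(32)
        return key_id

    def generate_data_key(self, master_id: str) -> tuple[bytes, bytes]:
        """Return (plain_key, cypher_key): the plain key for immediate use
        and the same key wrapped under the master key for storage."""
        plain = secrets.token_bytes(32)
        return plain, encrypt(self._masters[master_id], plain)

    def decrypt_data_key(self, master_id: str, cypher_key: bytes) -> bytes:
        """Unwrap a stored cypher key back to its plain form."""
        return decrypt(self._masters[master_id], cypher_key)


@dataclass
class EncryptedCell:
    cypher_data: bytes  # the cell value, encrypted under its own data key
    cypher_key: bytes   # that data key, wrapped under the master key


def encrypt_table(kms, master_id, rows, sensitive_columns):
    """Encrypt only the columns the policy marks sensitive, one key per cell.
    Non-sensitive columns (e.g. a city) are stored in clear form."""
    out = []
    for row in rows:
        new_row = {}
        for col, value in row.items():
            if col in sensitive_columns:
                plain_key, cypher_key = kms.generate_data_key(master_id)
                new_row[col] = EncryptedCell(encrypt(plain_key, value.encode()), cypher_key)
                # Only the wrapped key is kept with the data. Python cannot
                # reliably zero memory; a native implementation would wipe
                # the plain key buffer here.
                del plain_key
            else:
                new_row[col] = value
        out.append(new_row)
    return out


def decrypt_cell(kms, master_id, cell: EncryptedCell) -> str:
    """Authenticated caller asks the KMS to unwrap the cell's key, then decrypts."""
    plain_key = kms.decrypt_data_key(master_id, cell.cypher_key)
    return decrypt(plain_key, cell.cypher_data).decode()


def key_unlocks(plain_key: bytes, cell: EncryptedCell) -> bool:
    """True if this plain key decrypts the cell; used to show blast radius."""
    try:
        decrypt(plain_key, cell.cypher_data)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    kms = KeyManagementService()
    mk = kms.create_master_key()
    # Constructed sample rows.
    rows = [{"ssn": "123-45-6789", "city": "Austin"},
            {"ssn": "987-65-4321", "city": "Boston"}]
    table = encrypt_table(kms, mk, rows, sensitive_columns={"ssn"})
    print(table[0]["city"], decrypt_cell(kms, mk, table[0]["ssn"]))
    leaked = kms.decrypt_data_key(mk, table[0]["ssn"].cypher_key)
    print("leaked key opens row 1 cell:", key_unlocks(leaked, table[1]["ssn"]))
```

The last two lines of the demo make the granularity argument concrete: a plain key that is leaked for one cell authenticates against nothing else, so a breach of the cypher data plus that key exposes one social security number rather than the whole column, while the city column carries no encryption overhead at all.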
With this traditional balanced scenario, there is still a risk of all the data of an encrypted column being breached if a data vandal gains access to the applicable plain key for that column. While the impact of a vandal discovering a plain key to a social security number column limits the vandal's access to that column, such as the social security numbers in such a column, nevertheless a vandal gaining access to all the social security numbers in a column is traditionally considered a severe breach.
Consequently, there is a long-standing technical problem in the data management arts in the form of a need to provide more effective data encryption procedures that address computational performance requirements to be able to scale the encryption of granular data.