The invention relates generally to systems that employ cryptographic key history data and more particularly to systems that employ cryptographic history data wherein some of the key history data is stored on a limited capacity memory device, such as a portable storage device.
Cryptographic systems are known that employ the storage of cryptographic key history data, such as decryption private key history data in a public/private key pair system. The decryption private key history data is physically stored in a secure database, or other medium so that a user who has obtained encrypted information using a previous public key of a public/private encryption key pair, can decrypt older messages. It is known in the art to generate additional private keys when the life time of an encryption public key of the public/private key pair has expired or has been revoked due to a detected compromise or some other condition. A key pair generating mechanism, for example, a secure server, may generate a new public/private encryption key pair upon notification of a lifetime expiration of the private encryption key or public encryption key. Hence, in a public key cryptography system a secure authority generates encryption key pairs and sends the new encryption key pair to a subscriber when a subscriber""s key pair expires. This may occur quite frequently, such as every several months depending upon the level of security required in the given system.
In many cryptographic systems, hardware tokens such as smartcards are employed which contain the private decryption key of a public key pair to store the secret key in a secure storage location. A subscriber then may keep the smartcard on their person to ensure that an attacker cannot obtain the secret private decryption key information. However, a problem arises with conventional hardware tokens because they typically have limited storage capabilities and cannot store large private key histories. Consequently, when a subscriber having the hardware token wishes to decrypt all of their messages using their smartcard, they are unable to encrypt some older messages since the smartcard cannot hold enough key history data to accommodate all pertinent expired or revoked decryption keys. Conventional hardware tokens typically have their memory configured such that once the memory is filled to capacity, no additional decryption private keys can be stored. Such systems do not typically allow overwrites or additional updates after the memory is full. As such, the subscriber has no access to the full key history information to allow use of older encrypted documents. Therefore, in current systems, the cryptographic system simply rejects the key history update process when the memory on the hardware token is filled. This typically results in the subscriber having to buy a more expensive hardware token containing larger memory storage capabilities or prevents the subscriber from decrypting older messages.
Consequently, there exists a need for a data management system for a limited capacity cryptographic storage unit that can detect when the storage unit can no longer accommodate additional cryptographic data. It would be advantageous if such a system could detect a cryptographic data overflow condition of a limited capacity storage unit and maintain data storage for information useful to the subscriber without requiring additional memory added to the limited capacity device.