The present invention relates to the field of encryption technology. More particularly, the present invention relates to encryption key management.
To most people, cryptography is concerned with keeping communications private. It is the use of codes to convert data so that only a specific recipient will be able to read it using a decryption device referred to as a decryption key. Encryption is the transformation of data, through the use of codes, into a form that is as close to impossible as possible to read without the appropriate knowledge (a key). Its purpose is to ensure privacy by keeping information hidden from anyone for whom it is not intended, even those who have access to the encrypted data. Decryption is the reverse of encryption; it is the transformation of encrypted data back into an intelligible form. The persistent problem of cryptography is that the decryption key must be transmitted to the intended recipient for decryption and may be intercepted.
Encryption and decryption generally require the use of some secret information, the decryption key. For some encryption mechanisms, the same key is used for both encryption and decryption; for other mechanisms, the keys used for encryption and decryption are different. In traditional cryptography, the sender and receiver of a message know and use the same secret key: the sender uses the secret key to encrypt the message, and the receiver uses the same secret key to decrypt the message. This method is known as secret key or symmetric cryptography. The main challenge is getting the sender and receiver to agree on the secret key without anyone else finding out. If they are in separate physical locations, they must trust a courier, a phone system, or some other transmission medium to prevent the disclosure of the secret key. Anyone who overhears or intercepts the key in transit can later read, modify, and forge all messages encrypted or authenticated using that key. The generation, transmission, and storage of keys is called key management; all cryptosystems must deal with key management issues. Because all keys in a secret-key cryptosystem must remain secret, secret-key cryptography often has difficulty providing secure key management, especially in open systems with a large number of users.
For an increasing number of reasons (financial, military, privacy, etc.), it is becoming highly desirable to store information in an encrypted form. However, even with all of the risks associated with failing to use encryption, most applications continue to store their information in an unencrypted fashion, partially due to the problems associated with keeping the secret key a secret.
As encrypted tapes are created, an encryption key is used to secure the information. When encrypted tapes are restored, a rapid method of identifying the decryption key is required. One popular method of key and data association is to encrypt the key and store it within the tape itself. While the key is more secure than if it were not encrypted, the major risk with this approach is that if the key (usually 128-256 bits) were decoded, then the rest of the tape would be vulnerable. In an effort to solve the above-mentioned problems, the present invention is disclosed.
The present invention relates to encryption key management through the use of smart card technology for generating encryption and decryption keys used with encryption/decryption algorithms. Two smart cards are employed to generate, store, and look up encryption keys and decryption keys. Initially, an encryption smart card is initialized with a card group value and a card number. For each card number, a reference number corresponding to the largest of the keys that it has generated is also stored on the smart card; initially the reference number is set to 0, and thereafter it is incremented as each key is provided. Additionally, a master key value is written to the encryption card. A user must possess both the physical smart card and the personal identification number associated with the card in order to call for the generation of an encryption key. Upon receipt of a key generation request, the smart card creates a variable key range variable by concatenating the card group value, card number, and reference number for the encryption key that is to be generated. A hashing algorithm generates a digest message from the master key and the variable key range variable. The digest is used for an encryption key. The encryption key and a variable key range variable are output to the caller who requested the key. Encryption keys generated with the encryption smart card may be used with any encryption algorithm that uses an encryption key. The variable key range variable, in and of itself, contains nothing that will compromise the key. Therefore, it may be freely stored with the encrypted data.
Generation of a decryption key requires that the user possess a decryption smart card and PIN. A user calls for a decryption key and includes the variable key range variable from the encrypted data. A hashing algorithm generates a digest message from the master key and the variable key range variable. The digest is used for a decryption key. The decryption key is output to the caller who requested the key and is used to decrypt the information.
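The key generation and lookup flow described in the two paragraphs above, modeled in software as an added example that is not part of the original disclosure. HMAC-SHA-256 stands in for the unspecified hashing algorithm, and the fixed-width layout of the variable key range variable, the class and function names, the PINs, and the master key are all assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Assumed fixed-width layout: card group, card number, reference number.
# The page only says the values are concatenated; fixed widths avoid ambiguity.
VKR_FORMAT = ">HHI"


def derive_key(master_key: bytes, vkr: bytes) -> bytes:
    """Digest of master key and VKR; HMAC-SHA-256 is an assumed hash choice."""
    return hmac.new(master_key, vkr, hashlib.sha256).digest()


def check_pin(supplied: str, stored: str) -> None:
    if not hmac.compare_digest(supplied.encode(), stored.encode()):
        raise PermissionError("PIN mismatch")


class EncryptionCard:  # hypothetical model of the encryption card's stored state
    def __init__(self, master_key, card_group, card_number, pin):
        self._master_key, self._pin = master_key, pin
        self.card_group, self.card_number = card_group, card_number
        self.reference = 0  # set to 0 at initialization

    def generate_key(self, pin):
        check_pin(pin, self._pin)
        self.reference += 1  # incremented as each key is provided
        vkr = struct.pack(VKR_FORMAT, self.card_group, self.card_number, self.reference)
        return derive_key(self._master_key, vkr), vkr


class DecryptionCard:  # hypothetical model: same master key, no per-key state
    def __init__(self, master_key, pin):
        self._master_key, self._pin = master_key, pin

    def lookup_key(self, pin, vkr):
        check_pin(pin, self._pin)
        if len(vkr) != struct.calcsize(VKR_FORMAT):
            raise ValueError("malformed variable key range variable")
        return derive_key(self._master_key, vkr)


def demo():
    master = bytes(range(32))  # constructed sample master key
    enc = EncryptionCard(master, card_group=7, card_number=3, pin="4921")
    dec = DecryptionCard(master, pin="8315")
    key1, vkr1 = enc.generate_key("4921")  # vkr1 is stored beside the ciphertext
    key2, _ = enc.generate_key("4921")
    return key1, key2, vkr1, dec.lookup_key("8315", vkr1)
```

The decryption side needs only the variable key range variable stored with the data, so no key material travels with the ciphertext; every derived key does, however, depend on the secrecy of the one master key.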