Computers serve a vital function today and are ubiquitous in the personal and professional lives. Generally, computers are used to create or manipulate data in some form. Because data is very important to the people that use or own the data, the data is protected in different ways.
Initially, data is protected by generating a backup of the data and can be backed up in a variety of different ways. By backing up data, a recent copy of the data can be obtained in case there is a problem with the original data. In some situations, data is backed up in the cloud. In addition to providing a backup of the data, data stored in the cloud can be accessed from different locations.
Backing up data, however, is not the only way to protect data. For example, data may also be encrypted. By encrypting data, access to the data can be controlled. Only the person that has the key to decrypt the data can easily access the data. There are several different types of encryption available. Symmetric keys, for example, relate to an encryption algorithm where the same keys are used to both encrypt the data and decrypt the data.
Another type of encryption is asymmetric encryption. In asymmetric encryption, keys usually come in pairs: a public key and a private key. When data is encrypted with the public key, only the person possessing the corresponding private key is able to successfully decrypt the data. In fact, the public key could be widely distributed if desired. Similarly, data encrypted with the private key can be decrypted with the public key.
Data encryption is thus becoming an important part of data protection. In fact, encryption is used to protect more than just backup data. Encryption can be used to protect active data, credentials, and other data that is to be safeguarded. In any given environment, more than one key or more than one key pair is used. By using different keys to encrypt different data or to double encrypt data, access to the data can be controlled.
Unfortunately, the benefits of encryption have a corresponding cost. As the number of keys used in a given system grows, key management becomes a problem. In addition to simply keeping track of a large number of keys and their relationships to different objects, key management systems may have access to the plaintext keys needed to decrypt the data. As a result, the data could be compromised even though it is encrypted. Systems and methods are needed to better protect encrypted data.