Computers often store sensitive, confidential or secret data. If the computer itself is physically secured, is only used by people who are permitted access to the data, and is protected from remote access, the data may be reasonably safe from inadvertent disclosure. However, these sorts of restrictions severely impair the usefulness of a computer; people usually want to exchange data with other systems, and often must use a portable computer in arbitrary (non-secured) locations. To protect the sensitive data a computer may contain, many users rely on cryptographic systems.
A cryptographic system protects data by encrypting it with a key. If the encryption algorithm is strong and the key is chosen carefully, then it is infeasible to recover the original plaintext without the key. Thus, the encrypted, sensitive data need not be maintained with the same degree of care—an attacker who obtains the encrypted data will be unable to do anything with it. (On the other hand, the key becomes the focus of an attacker's attention, since the key provides access to all data encrypted therewith.)
At first blush, then, it might seem that encryption merely exchanges one security problem (restricting access to data) for another (restricting access to a key), but keys are typically much smaller than the data they are used to encrypt, and so different techniques for protecting them are feasible and effective. In fact, many security problems boil down to key management issues. New protocols and techniques for managing keys to achieve specific security profiles may be of significant value.