Authentication routines that rely on private cryptography keys as a basis for proving the identity of a user are typically stored locally (i.e., on the same computing device that executes the authentication routine). While the internal file that stores the private cryptography keys on the computing device is typically password protected, the password serves as the only layer of protection. Since most computing devices, such as personal computers, laptop computers and mobile communication devices are frequently, and in some instances continuously, connected to a wired and/or wireless public network, such as the Internet or the like, internally stored private cryptography keys are continuously susceptible to being misappropriated by an entity that desires to usurp a user's identity.
Many external storage devices exist that provide for various security features associated with securing the data stored thereon. However, while many of the devices may provide for acquiring evidence of a security breach (i.e., physical or non-physical tampering with the device and/or the data), such devices do not provide for real-time response to such breaches, such that misappropriation of private cryptography keys is prevented.
Therefore, a need exists for a secure means for storing private cryptography keys. The desired storage means should reduce the risk of misappropriation of keys due to the keys being stored internally within a computing node that is frequently or, in some instances, continuously accessible via a public communication network, such as the Internet. Moreover, the desired storage means should provide for real-time responsiveness to tampering, such that misappropriation of the private cryptography keys is prevented.