This invention relates to systems that use cryptographic keys.
Security of communications in, for example, computer and communication networks can be achieved by encrypting the communications using a cryptographic key. Typical applications include communications to and from personal computers, mobile telephones, or other user equipment.
It is advantageous for the cryptographic key to be stored and maintained within the equipment. In this way, encryption and decryption can proceed in a way that is transparent to the user in that the user does not have to know the cryptographic key and be required to input it into the equipment prior to initiating communications. Rather, encryption and decryption can all be done automatically by the equipment.
Storing and maintaining the cryptographic key in the equipment has other advantages, as well. For example, when it is desired to revoke a corporate employee's permission to use the corporate communications network (such as when the employee leaves the employ of the company) all that needs to be done is to retrieve from the employee's possession whatever equipment the employee may have been issued in which the cryptographic key was stored—a company-supplied network access card, for example, or to remove the key from such equipment. Similarly, the cryptographic key necessary to decrypt premium cable channel signals can be stored in the cable access box, so that discontinuation of the cable subscriber's access to such programming is readily achieved by removing the box from the subscriber premises.
A further advantage arises from the fact that in many systems the same cryptographic key is used for communications to and from many users. Thus if the cryptographic key was not stored in the equipment but, rather, was in the direct possession of the users, terminating a particular user's ability to utilize the network would require that a new cryptographic key be issued to all the other users—an inconvenient and potentially expensive proposition. Having the cryptographic key within equipment that can be recovered from an individual user is clearly a more advantageous approach in that regard.
The approach is not foolproof, however. The manner in which the cryptographic key is stored in the user's equipment may be such that a sufficiently knowledgeable and/or motivated user might be able to learn what the cryptographic key is. For example, the cryptographic key might simply be stored in a file on the hard drive of a personal computer. Such user would then be in a position to use the cryptographic key in the future even if the equipment in question was taken away from him. It might be possible to store the cryptographic key in a less user-accessible place within the computer, e.g., within a network access card. However, a device like that is easily removable from the rest of the user's equipment and is portable. As such, it is easy to make off with, even at a moment's notice. Moreover, having the cryptographic key stored in such a user-inaccessible location as the network access card may thwart the desire of the network operator to be able to readily distribute cryptographic keys to a multiplicity of users by, for example, loading of the cryptographic key by a network administrator, and having that cryptographic key stored on the computer's hard drive.
Advantageously, a more secure approach is to store the cryptographic key within the user equipment in encrypted form. In order for the cryptographic key to be usable for communications, then, it would first have to be decrypted by the equipment. Thus even if a user is able to locate the cryptographic key within the equipment, it does him no good because the cryptographic key is encrypted and cannot be used until decrypted.
Even this approach has a weakness, however, in that the information/algorithm needed to decrypt the cryptographic key must be stored somewhere within the user's equipment so that the cryptographic key can be decrypted when needed. Admittedly, it is more difficult for a user to have to discover not only the (now encrypted) cryptographic key but also the key decryption information and to know how to use the latter to recover the original cryptographic key. However, a sufficiently knowledgeable and motivated user might be able to do just that. Or the user might simply be able to monitor internal operations of the equipment in such a way as to “pick off” the original cryptographic key once it has been decrypted and is in use within the system.