Mobile devices, e.g., smartphones or tablet devices, are increasingly advancing into application areas so far dominated by conventional personal computers. Further, the advance of so called “cloud computing” phenomena and devices having support for the same is paving the way for new business models. In each case, appropriate security models are needed that can preserve the confidentiality of data, even if devices are lost or stolen.
More specifically, a mobile device has the capability of storing huge quantities of data, and various security mechanisms may be applied to protect the data. Here, one common practice is to encrypt the data using a security key which is then, in some way, stored in the mobile device. This is a security risk as both the data that is to be protected and the means for providing the protection are physically on the same device. Further, passphrases may be used, which are to be entered by a user for accessing the protected data. Such passphrases are typically selected by the user or automatically generated. However, even when using complex passphrases, vulnerabilities exist, and it may become difficult for the user to remember complex passphrases.
A further possibility is to use dedicated devices for generating encryption keys. For example, such devices may perform a secret algorithm on prime numbers, which may be combined with additional parameters and/or operations, to produce an output that is used as an encryption key for encrypting data. On a separate location, the same algorithm may be used to generate a key for decrypting the data. However such solutions typically involve considerable costs for the dedicated devices.
In view of the above, there is a need for efficient techniques for protecting data, which can be implemented at low cost.