Offline private key protocol
The offline private key protocol (OPKP) is a cryptographic protocol to prevent unauthorized access to backup or archive data. The protocol results in a public key that can be used to encrypt data and an offline private key that can later be used to decrypt that data.
The protocol is based on three rules regarding the key. An offline private key should:
- not be stored with the encrypted data (obviously)
- not be kept by the organisation that physically stores the encrypted data, to ensure privacy
- not be stored on the same system as the original data, so that theft of the private key alone does not give access to all data at the storage provider, and so that the key is not lost together with the data in the very loss event that makes a restore necessary
To comply with these rules, the offline private key protocol uses a method of asymmetric key wrapping.
Security
As the protocol does not provide rules on the strength of the encryption methods and keys to be used, the security of the protocol depends on the actual cryptographic implementation. When used in combination with strong encryption methods, the protocol can provide extreme security.
Operation
Initially:
- a client program (program) on a system (local system) with data to back up or archive generates a random private key PRIV
- program creates a public key PUB based on PRIV
- program stores PUB on the local system
- program presents PRIV to user who can store the key, e.g. printed as a trusted paper key, or on a memory card
- program destroys PRIV on the local system
When archiving or creating a backup, for each session or file:
- program generates a one-time random key OTRK
- program encrypts data using OTRK and a symmetric encryption method
- program encrypts the (optionally padded) key OTRK using PUB, giving OTRKCR
- program stores the OTRKCR and the encrypted data on a server
- program destroys OTRK on the local system
- program destroys OTRKCR on the local system
- the server stores OTRKCR and stores the encrypted data
To restore backed up or archived data:
- user feeds PRIV into program
- program downloads data with the respective OTRKCR
- program decrypts OTRKCR using PRIV, giving OTRK
- program decrypts data using OTRK
- program destroys PRIV on the local system
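
The three phases above as an added Go example; it is not part of the original article or of any OPKP implementation. RSA-2048 with OAEP for wrapping OTRK and AES-256-GCM for the data are assumptions, since the protocol leaves the algorithms open, and NewKeyPair, Backup and Restore are hypothetical names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

func NewKeyPair() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) } // initial step

// gcmFor builds AES-256-GCM (assumed, as is RSA-OAEP; the protocol names no algorithms).
func gcmFor(otrk []byte) cipher.AEAD {
	block, _ := aes.NewCipher(otrk) // cannot fail: callers pass a 32-byte key
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// Backup needs only PUB. It returns OTRKCR and nonce||ciphertext for the server.
func Backup(pub *rsa.PublicKey, data []byte) (otrkcr, blob []byte, err error) {
	buf := make([]byte, 32+12) // OTRK (AES-256 key) followed by a GCM nonce
	if _, err = rand.Read(buf); err != nil {
		return nil, nil, err
	}
	otrk, nonce := buf[:32], buf[32:]
	blob = gcmFor(otrk).Seal(nonce, nonce, data, nil)
	otrkcr, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, otrk, nil) // OAEP pads OTRK
	for i := range otrk { // destroy OTRK locally (best effort under a garbage collector)
		otrk[i] = 0
	}
	return otrkcr, blob, err
}

// Restore unwraps OTRKCR with PRIV, then decrypts and authenticates the data.
func Restore(priv *rsa.PrivateKey, otrkcr, blob []byte) ([]byte, error) {
	otrk, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, otrkcr, nil)
	if err != nil || len(otrk) != 32 || len(blob) < 12 {
		return nil, fmt.Errorf("OTRKCR did not unwrap to a key, or blob truncated: %v", err)
	}
	return gcmFor(otrk).Open(nil, blob[:12], blob[12:], nil)
}

func main() {
	priv, _ := NewKeyPair() // PRIV goes offline to the user; PUB is priv.PublicKey
	otrkcr, blob, _ := Backup(&priv.PublicKey, []byte("constructed sample data"))
	out, err := Restore(priv, otrkcr, blob)
	fmt.Println(string(out), err)
}
```

Restore fails when a different PRIV is supplied or when the stored blob has been modified, because either the OAEP unwrapping or the GCM tag check rejects it.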