In order to use cryptography, users need to generate secret keys (similar to passwords) and store them somewhere securely.
This is intrinsically difficult for four main reasons:
Most user computers and mobile devices do not have a secure place to store sensitive data, so any loss of these devices will leave the stored keys vulnerable to compromise.
Keys need to be transmitted to recipients in a way that preserves their secrecy and integrity.
Keys must be stored long term; losing a key means whatever data it protects can no longer be decrypted.
Most users have a variety of devices; storing the key on one device means the protected data cannot be accessed from another device.
Key management is the most complicated part of delivering this solution, and it is also the underlying reason why cryptography is not often used to protect data.
The fact that user keys must be serviced independently of content, and must be able to be policy-controlled, is fundamental to all privacy-based services. Further, keys must never be kept long-term within the clients – they must only serve the purpose of encrypting or decrypting the data at that moment, and then be destroyed.
Scentrics’ cloud-based key management system addresses these needs, thereby removing a major obstacle to the successful provision of data protection services to the end user. Any application, be it on a smartphone or computer, which requires cryptography-based security can be readily built on this infrastructure using a simple Application Programming Interface (API).
The user simply authenticates him/herself to the server when a key is required.
The keys are then securely and automatically downloaded to the user’s device.
These local copies are deleted immediately after use and are not stored on the device.
This means that the loss of a user’s mobile devices will not compromise the keys, since they are not stored long-term on the device. Even if the device is lost or stolen, the data is secure as the keys are never stored with the encrypted data.
This is an important difference between Scentrics and other encryption services that are client-centric, such as WhatsApp (meaning that keys are stored on the client). In such cases, the keys risk being compromised if the device is lost.