Operation
Initially:
- a client program (the program) running on the system that holds the data to back up or archive (the local system) generates a random private key PRIV
- program creates a public key PUB based on PRIV
- program stores PUB on the local system
- program presents PRIV to the user, who stores the key offline, e.g. printed as a trusted paper key or saved on a memory card
- program destroys PRIV on the local system
When archiving or creating a backup, for each session or file:
- program generates a one-time random key OTRK
- program encrypts data using OTRK and a symmetric encryption method
- program encrypts the (optionally padded) key OTRK using PUB, producing OTRKCR
- program stores OTRKCR and the encrypted data on a server
- program destroys OTRK on the local system
- program destroys OTRKCR on the local system
- the server stores OTRKCR together with the encrypted data
To restore backed-up or archived data:
- user feeds PRIV into program
- program downloads the data together with its OTRKCR
- program decrypts OTRKCR using PRIV, recovering OTRK
- program decrypts data using OTRK
- program destroys PRIV on the local system
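The backup and restore phases above, as an added Go example that is not code from the original page. The page does not fix the algorithms, so this example assumes RSA-OAEP (SHA-256) for wrapping OTRK into OTRKCR and AES-256-GCM as the symmetric method; the initial phase (generating PRIV and PUB) is rsa.GenerateKey, done by the caller, and the names zero, gcmFor, Backup and Restore are this example's own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

// zero is the protocol's "destroy" step for in-memory key material (best effort in Go).
func zero(b []byte) { copy(b, make([]byte, len(b))) }
// gcmFor keys AES-256-GCM with a 32-byte OTRK.
func gcmFor(otrk []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(otrk)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Backup: fresh OTRK encrypts the data, PUB wraps OTRK (RSA-OAEP) into OTRKCR, OTRK is destroyed.
func Backup(pub *rsa.PublicKey, data []byte) (otrkcr, ciphertext []byte, err error) {
	otrk := make([]byte, 32)
	defer zero(otrk)
	if _, err = rand.Read(otrk); err != nil {
		return nil, nil, err
	}
	gcm, err := gcmFor(otrk)
	if err != nil {
		return nil, nil, err
	}
	nonce := make([]byte, gcm.NonceSize()) // all-zero nonce is safe: OTRK encrypts exactly once
	ciphertext = gcm.Seal(nil, nonce, data, nil) // only ciphertext and OTRKCR go to the server
	otrkcr, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, otrk, nil)
	return otrkcr, ciphertext, err
}
// Restore: the user's PRIV unwraps OTRKCR to OTRK, which decrypts and authenticates the data.
func Restore(priv *rsa.PrivateKey, otrkcr, ciphertext []byte) ([]byte, error) {
	otrk, err := rsa.DecryptOAEP(sha256.New(), nil, priv, otrkcr, nil)
	if err != nil {
		return nil, err
	}
	defer zero(otrk)
	gcm, err := gcmFor(otrk)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, make([]byte, gcm.NonceSize()), ciphertext, nil)
}
```

A compromised server holds only OTRKCR and GCM ciphertext, so without PRIV it can neither recover OTRK nor modify a backup undetected; tampering is caught by gcm.Open.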
Read more about this topic: Offline Private Key Protocol