KEY EXPORT TECHNIQUES

摘要

A computer system performs cryptographic operations as a service. The computer system is configured to allow users of the service to maintain control of their respective cryptographic material. The computer system uses inaccessible cryptographic material to encrypt a user's cryptographic material in a token that is then provided to the user. The user is unable to access a plaintext copy of the cryptographic material in the token, but can provide the token back to the service to cause the service to decrypt and use the cryptographic material.

主权项

1. A computer-implemented method, comprising:
receiving, at a web server of a cryptography service, a request for a cryptographic key, the request specifying a lifetime, the request from a device associated with a customer of the cryptography service; generating, in a device that provides hardware protection of cryptographic material, the cryptographic key; selecting, from a set of domain keys stored within the device and programmatically unexportable from the device, a domain key with an expiration that matches the specified lifetime, the expiration enforced by at least one instance of an automated process that causes the domain key to become permanently inaccessible to the device at a time determined in accordance with the expiration; encrypting, in the device, the generated cryptographic key; generating a token that comprises the encrypted cryptographic key and an identifier of the cryptographic key; providing, to the device associated with the customer, the token in response to the received request; and performing one or more operations that cause the device to lose access to the cryptographic key.