Probabilistic key rotation
First Claim
1. A computer-implemented method for managing cryptographic keys in a distributed system, comprising:
under the control of one or more computer systems configured with executable instructions,
storing a first cryptographic key in each of a plurality of security modules;
receiving a request to perform an operation, the performance of which involves an encryption operation using the first cryptographic key specified in the request; and
as a result of receiving the request:
causing a selected security module from the plurality of security modules to perform the encryption operation using the first cryptographic key;
performing a stochastic process to generate a value; and
when the value satisfies a set of key rotation criteria that limit the probability of using the same nonce multiple times with the first cryptographic key, causing each security module of the plurality of security modules to replace the first cryptographic key with a second cryptographic key.
1 Assignment
0 Petitions
Abstract
Information, such as a cryptographic key, is used repeatedly in the performance of operations, such as certain cryptographic operations. To prevent repeated use of the information from enabling security breaches, the information is rotated (replaced with other information). To avoid the resource costs of maintaining a counter on the number of operations performed, decisions of when to rotate the information are performed based at least in part on the output of stochastic processes.
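The abstract describes the mechanism but not how the rotation probability is chosen or how the decision is wired into the request path. The following is an added example written for this page, not the patent's or any vendor's implementation: a request front end selects one of several stand-in security modules, has it encrypt under the current key with a fresh random nonce, then draws a random value and, with a fixed per-request probability, rotates the key on every module. No per-key operation counter is kept anywhere. The names (`SecurityModule`, `KeyService`, `rotation_probability`, `simulate`) are invented, and the cipher is a toy SHA-256 keystream so the file runs with the standard library only; it is not a substitute for AES-GCM or another real AEAD.

```python
# Added example (not the patent's own code): counter-free probabilistic key
# rotation across a pool of security modules, modelled on claim 1 above.
# All class/function names are invented for this page; the cipher is a toy.
import hashlib
import math
import random
import secrets

NONCE_BYTES = 12  # 96-bit random nonces, the size AES-GCM commonly uses


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy CTR-style keystream: SHA-256(key || nonce || block counter). Demo only."""
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + block.to_bytes(4, "big")).digest()
        block += 1
    return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def rotation_probability(max_collision_prob: float,
                         nonce_bits: int = 8 * NONCE_BYTES,
                         tail_factor: float = 30.0) -> float:
    """Per-request rotation probability p for the stochastic rotation test.

    With random nonces, the chance that n uses of one key repeat a nonce is
    bounded by the birthday estimate n^2 / 2^(nonce_bits + 1). Rotating with
    probability p per request makes the number of uses geometric with mean
    1/p and P(uses > k/p) ~ e^-k, so 1/p is sized tail_factor times below
    the largest n whose bound stays under max_collision_prob.
    """
    n_max = math.sqrt(max_collision_prob * 2.0 ** (nonce_bits + 1))
    return tail_factor / n_max


class SecurityModule:
    """Stand-in for an HSM: holds the current key, encrypts with a fresh nonce."""

    def __init__(self) -> None:
        self.key, self.key_version = b"", 0

    def install_key(self, key: bytes, version: int) -> None:
        self.key, self.key_version = key, version

    def encrypt(self, plaintext: bytes) -> tuple[int, bytes, bytes]:
        nonce = secrets.token_bytes(NONCE_BYTES)
        ct = xor(plaintext, keystream(self.key, nonce, len(plaintext)))
        return self.key_version, nonce, ct


class KeyService:
    """Selects a module per request and decides, stochastically and without
    any per-key operation counter, whether every module replaces its key."""

    def __init__(self, modules, rotation_prob: float, rng: random.Random) -> None:
        self.modules, self.p, self.rng = modules, rotation_prob, rng
        self.version, self.rotations = 0, 0
        self._rotate()  # provision the first key on every module

    def _rotate(self) -> None:
        self.version += 1
        new_key = secrets.token_bytes(32)
        for m in self.modules:          # claim 1: each module replaces the key
            m.install_key(new_key, self.version)

    def encrypt(self, plaintext: bytes) -> tuple[int, bytes, bytes]:
        module = self.rng.choice(self.modules)   # select a security module
        result = module.encrypt(plaintext)       # perform the operation
        if self.rng.random() < self.p:           # stochastic rotation criterion
            self.rotations += 1
            self._rotate()
        return result


def simulate(n_requests: int, rotation_prob: float, seed: int = 7) -> dict:
    """Run n_requests through a 3-module pool and report what rotation did."""
    rng = random.Random(seed)  # seeded only so the demo is reproducible
    service = KeyService([SecurityModule() for _ in range(3)], rotation_prob, rng)
    versions_used = set()
    for i in range(n_requests):
        version, _nonce, _ct = service.encrypt(b"request-%d" % i)  # constructed input
        versions_used.add(version)
    return {"rotations": service.rotations,
            "versions_used": len(versions_used),
            "modules_in_sync": len({m.key for m in service.modules}) == 1}


def nonce_reuse_leak(key: bytes, nonce: bytes, p1: bytes, p2: bytes) -> bytes:
    """Why the criteria target nonce reuse: same key and nonce means the same
    keystream, so c1 XOR c2 equals p1 XOR p2 and plaintext structure leaks."""
    c1 = xor(p1, keystream(key, nonce, len(p1)))
    c2 = xor(p2, keystream(key, nonce, len(p2)))
    return xor(c1, c2)


if __name__ == "__main__":
    p = rotation_probability(2 ** -32)
    print("rotate with p=%.3g per request, mean %.3g uses per key" % (p, 1 / p))
    print(simulate(10_000, 0.01))
```

Two practical caveats the page does not cover: the component that draws the random value needs a cryptographically sound RNG, because an attacker who can predict or bias the draw can keep a key in service far past its intended life; and ciphertexts produced under a rotated-out key remain decryptable only if earlier key versions are retained, so the version number returned with each ciphertext must be stored alongside it.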
98 Citations
26 Claims
1. (Independent claim 1 is reproduced above under First Claim.) Dependent claims: 2, 3, 4, 5, 6.

7. A computer-implemented method, comprising:
under the control of one or more computer systems configured with executable instructions, as a result of a received request to perform an operation, the performance of which involves use of first information:
determining a stochastically generated value;
when the stochastically generated value satisfies a set of rotation criteria that limit the probability of using the same nonce multiple times with the first information, replacing the first information with second information; and
when the stochastically generated value fails to satisfy the set of rotation criteria, allowing the first information to be used to perform the operation at least one additional time in response to another request.
Dependent claims: 8, 9, 10, 11, 12.

13. A system, comprising:
a plurality of computing devices that each store first information;
a request processing subsystem comprising a collection of computing resources collectively configured to:
process requests to perform operations involving the first information by at least, for each request of a plurality of the requests, selecting a computing device from the plurality of computing devices to use the first information as part of processing the request; and
generate rotation determinations probabilistically in a manner that limits use of the same nonce with the first information multiple times such that, as a result of a rotation determination indicating rotation, the plurality of computing devices use second information instead of the first information.
Dependent claims: 14, 15, 16, 17, 18.

19. A non-transitory computer-readable storage medium having stored thereon instructions that, when executed by one or more processors of a system, cause the system to:
probabilistically generate rotation determinations in a manner that limits use of the same nonce with first information multiple times, each rotation determination indicating whether to replace the first information with second information when processing requests;
when a generated rotation determination is positive, cause the first information used in processing requests to be replaced with the second information; and
when a generated rotation determination is negative, allow the first information to be used for processing additional requests to be processed using the first information.
Dependent claims: 20, 21, 22, 23, 24, 25, 26.