CPC H04L 9/0897 (2013.01) [G06F 21/78 (2013.01)] | 20 Claims |
1. A computer-implemented method comprising:
generating a determination to allow a first hardware security module to obtain access to a first subset of cryptographic keys of a set of cryptographic keys stored by a fleet of hardware security modules of which the first hardware security module is a member, where hardware security modules of the fleet of hardware security modules have access to a fleet key;
causing the first hardware security module to transmit a request for parity information associated with the first subset of cryptographic keys, wherein the parity information is stored separately from the fleet of hardware security modules; and
causing the first hardware security module to generate the first subset of cryptographic keys based at least in part on the parity information and a second subset of cryptographic keys of the set of cryptographic keys, where the first hardware security module is able to access the second subset of cryptographic keys.
|