US 11,784,811 B2
Storage of cryptographic information
Gregory Alan Rubin, Seattle, WA (US); and Benjamin Philip Grubin, Herndon, VA (US)
Assigned to Amazon Technologies, Inc., Seattle, WA (US)
Filed by Amazon Technologies, Inc., Seattle, WA (US)
Filed on Aug. 28, 2020, as Appl. No. 17/6,139.
Application 17/006,139 is a division of application No. 14/958,816, filed on Dec. 3, 2015, granted, now 10,778,429.
Prior Publication US 2020/0396070 A1, Dec. 17, 2020
Int. Cl. H04L 9/08 (2006.01); G06F 21/78 (2013.01)
CPC H04L 9/0897 (2013.01) [G06F 21/78 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A computer-implemented method comprising:
generating a determination to allow a first hardware security module to obtain access to a first subset of cryptographic keys of a set of cryptographic keys stored by a fleet of hardware security modules of which the first hardware security module is a member, where hardware security modules of the fleet of hardware security modules have access to a fleet key;
causing the first hardware security module to transmit a request for parity information associated with the first subset of cryptographic keys, wherein the parity information is stored separately from the fleet of hardware security modules; and
causing the first hardware security module to generate the first subset of cryptographic keys based at least in part on the parity information and a second subset of cryptographic keys of the set of cryptographic keys, where the first hardware security module is able to access the second subset of cryptographic keys.