SECURE KEY UTILIZATION IN A DISTRIBUTED HARDWARE SECURITY MODULE
Inventors
Bryan David KELLY, Mark Eugene RUSSINOVICH, Hervey Oliver WILSON
Abstract
Systems, methods, and computer readable storage media are described herein for secure key utilization in a distributed hardware security module. In an aspect, a hardware security module is communicatively coupled to and physically separate from a host processor. The hardware security module comprises a security coprocessor. The security coprocessor receives, over a network and from a central security module, a first cryptographic key. The first cryptographic key is stored in a secure data store. A request to perform a cryptographic operation is received from the first host processor. The security coprocessor utilizes the first cryptographic key to perform the cryptographic operation, resulting in a cryptographic result. In one aspect, the cryptographic result is provided to the first host processor. In another aspect, the cryptographic result is written to host memory. In another aspect, the hardware security module notifies the host processor that the cryptographic operation was completed.
Filing Date
2024-09-19
Application No.
18890107