Bank of America Corporation
SCALABLE HARDWARE ENCRYPTION

Abstract:

Hardware Security Modules (HSMs) may be utilized to store master keys that are used to secure (e.g., wrap) encryption keys that are stored outside of the HSMs. The wrapping of the encryption keys may include using the master key to mask each of the plurality of encryption keys. The master keys are then stored within the HSMs and the wrapped encryption keys may be stored outside of the HSMs. Since the plurality of encryption keys are wrapped, the wrapped encryption keys may be stored outside of the HSMs with a reduced potential for the wrapped encryption keys to be misappropriated. As such, the plurality of encryption keys may be stored in systems that do not have as many security requirements, and thus, have more memory available. As such, the memory needed to store keys within the HSMs is reduced.