by imperiopolis 798 days ago
Yes, that is the work "individually" is doing here – multiple realms (services) could collude to combine shards and attempt to extract secrets.

However, programmable HSMs, with verifiable software (e.g. via a key ceremony), minimize this form of collusion. The shards they hold can't be extracted by a malicious operator, at least without substantial effort (requiring HSM hardware vulnerabilities).

Interesting. Thanks for the explanations!