|
|
|
|
|
|
by Nursie
4298 days ago
|
|
|
One of the other things you're sorta-describing is an HSM. These are dedicated boxes that just do crypto. You keep them on the network or attached via a serial port or... whatever. Accessible to your machines but not the outside world. Then you send them messages to ask them to encrypt and decrypt data for you. That way the keys never leave the box. The HSM doesn't accept new software, nor does it ever expose the keys to anyone. They are, however, quite expensive. |
|
|