Home > |
---|
In previous Luna HSM releases, this page described library and firmware aspects of MofN secret sharing.
Current implementation (since HSM firmware 5) no longer implements MofN via the HSM.
Instead, MofN is entirely mediated via Luna PED 2.4 and later. The HSM is unaware of secret sharing. Multi-person access control for any of the authentication secrets (SO, User, Cloning domains, Remote PED Vector, Secure Recovery Vector) is a PED function, and the HSM sees only the fully reconstituted MofN secrets as they are presented to it by the PED.
Green PED Keys are no longer used.
This implementation is both cleaner and more flexible than the legacy implementation.If you have used, or are still using legacy Luna HSMs, be aware that the legacy implementation of MofN split-secret, multi-person access control is not compatible with the modern implementation. For migration instructions, contact SafeNet Technical Support -- e-mail: support@safenet-inc.com or phone 800-545-6608 (+1 410-931-7520 International)