N-of-M for DKEK shares is meant for access control, not to create the share. Of course there are a lot of different options to handle the DKEK. You could have an AES master key on a different HSM to derive specific DKEK shares or you could encrypt the share using PGP. You can implement whatever scheme you feel suitable. That is the beauty of Open Source 
- Company
- News
- Products
- Solutions
- Support
- Shop