openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
enterprise-4.21
openshift-docs/modules/nbde-secret-sharing-encryption.adoc
JoeAldinger bbf6b49707 OSDOCS-16696: updates j-n for content-type
2025-10-30 06:31:40 +00:00

12 lines
802 B
Plaintext
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
// Module included in the following assemblies:
//
// security/nbde-implementation-guide.adoc
:_mod-docs-content-type: CONCEPT
[id="nbde-secret-sharing-encryption_{context}"]
= Secret sharing encryption
Shamirs secret sharing (sss) is a cryptographic algorithm to securely divide up, distribute, and re-assemble keys. Using this algorithm, {product-title} can support more complicated mixtures of key protection.
When you configure a cluster node to use multiple Tang servers, {product-title} uses sss to set up a decryption policy that will succeed if at least one of the specified servers is available. You can create layers for additional security. For example, you can define a policy where {product-title} requires both the TPM and one of the given list of Tang servers to decrypt the disk.
View Git Blame Copy Permalink