US Patent 11418329 Shared secret implementation of proxied cryptographic keys

Techniques for sharing secret key information in a system that includes a remote server that proxies cryptographic keys. In one technique, a proxy server receives, from a client device, a request for a cryptographic operation. The proxy server also receives, from the client device, secret key information that is associated with the request. Prior to the request, the proxy server did not have access to the secret key information. While storing the secret key information in memory of the proxy server, the proxy server sends the secret key information to a cryptographic device that stores one or more cryptographic key. The proxy server does not store the secret key information in any persistent storage. The cryptographic device performs the cryptographic operation based on the secret key information.