US Patent 11985230 Concurrent masterkey changes for redundant HSMs

A method for updating a current master key (MK) with a new MK, protected by an HSM, while a software component using a key is active, is disclosed. The method comprises signaling that a new master key has been loaded to the HSMs, re-encrypting the key encrypted with the current MK, storing the re-encrypted key as respective newKey component of a key object, wherein a current key is stored in a curKey component of the key object, and setting the new MK in a first HSM, and signaling to the active software component that the new MK is set in at least one of the HSMs. Upon determining that the new MK is set in the HSM, restricting usage of the HSMs to the selected HSM, and upon determining that the new MK is set in all HSMs, moving the value of the newKey to the curKey component.