In many cases, there is a single master key that is installed in a HSM or similar device, but which should be backed up. The recommended method for this backup in many cases is to encrypt the master key to multiple smart cards from which there is a "n out of m" style setup required to restore the master key. Some HSM devices support this natively as a key backup method, but do not reveal the exact algorithm to do it.
This is obviously trivial to do manually:
- Encrypt master key with a long passphrase
- Use some secret sharing algorithm (Shamir's) to split the passphrase
- Encrypt each produced part for each smart card
Now, my question is:
Are there any existing encryption standards or industry-accepted practices to do this, or is it just homebrew? I am specifically looking for solutions which are employed with smart cards.