Secure Split Key (SSK)
Secure Split Key (SSK) is a NewCore approach that splits cryptographic signing authority across multiple parties so that no single entity holds the complete key needed to authorize access. It distributes trust instead of concentrating it, making authorization decisions cryptographically transparent and verifiable.
# WHAT TEAMS RUN INTO
- —
Split key systems require coordination between multiple signing parties. If any party is unavailable or slow, authorization latency increases and legitimate access gets delayed.
- —
Threshold management becomes a security question. If SSK requires M of N signatures, choosing N and M involves trade-offs between security and availability — too conservative and access fails, too loose and security weakens.
- —
Rotating split keys is operationally harder than rotating single keys. All N parties must coordinate key rotation, and the process becomes a synchronization nightmare if parties have different schedules or availability.
# WHY IT MATTERS
SSK is a fundamental rethink of how authorization authority is distributed. Instead of trusting a single IdP or signing authority, SSK creates a requirement for consensus among multiple independent parties. This makes compromise harder — an attacker must compromise multiple parties simultaneously instead of just one. It is an architectural shift from centralized trust to distributed trust, and it changes how breaches scale.