Code Room
System design | Hard | sd-g679
Subject: Encryption | Level: Senior–Staff | ~50 min | Common in Security interviews | Industries: Technology

Question

Design a multi-tenant key-management service (KMS) with HSM-backed signing for a cloud platform. It must perform 50K sign/encrypt operations per second, never expose key material outside the HSM boundary, support per-tenant key hierarchies with rotation and versioning, and give a cryptographic audit trail of every operation. Threat model: a compromised application host, a malicious operator, and the requirement that no single person can exfiltrate a customer master key. Cover the key hierarchy, how HSMs are pooled for throughput and HA, rotation without breaking old ciphertext, and the trust boundary.

What a strong answer looks like

Pin down the numbers and constraints first: 50K operations per second, the sign-versus-encrypt mix, how many HSMs you may assume, and the latency budget. Propose a clean component breakdown, then go deep on the hard parts the question names (key hierarchy, HSM pooling for throughput and HA, rotation and versioning without orphaning old ciphertext, the audit trail, the trust boundary) together with the data model, bottlenecks, consistency and failure modes, and name the trade-offs you are making.
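As an added illustration (not part of the question or of any reference answer), the following Python toy exercises the requirements above in code: a root key that never leaves a simulated HSM boundary, per-tenant key versions wrapped under it, envelope-encryption blobs that record which key version wrapped them so rotation does not break old ciphertext, a tenant check that stops a compromised host replaying another tenant's blob, and an audit log chained with a MAC keyed inside the boundary so an operator cannot silently drop or edit a record. All names (`ToyHSM`, `rotate`, `generate_data_key`, `decrypt_data_key`, `verify_audit`, `demo`) are assumptions, and the HMAC-based AEAD stands in for the AES-GCM a real HSM performs; it is not production cryptography. `demo()` walks the scenarios and returns the outcome of each check.

```python
"""Toy model of the design above: an HSM boundary with a root key, per-tenant key versions wrapped
under it, envelope-encryption blobs that name their key version, and a keyed hash-chained audit log."""
import hashlib
import hmac
import json
import secrets


def _prf(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts; serves as KDF, keystream and MAC here."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    out = bytearray()  # counter-mode keystream XORed over data; the operation is its own inverse
    for i in range(0, len(data), 32):
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], _prf(key, nonce, i.to_bytes(4, "big"))))
    return bytes(out)


def aead_seal(key: bytes, nonce: bytes, aad: bytes, pt: bytes) -> bytes:
    """Encrypt-then-MAC with purpose-separated subkeys; a stand-in for the HSM's AES-GCM."""
    body = _xor_stream(_prf(key, b"enc"), nonce, pt)
    return body + _prf(_prf(key, b"mac"), nonce, aad, body)


def aead_open(key: bytes, nonce: bytes, aad: bytes, ct: bytes) -> bytes:
    body, tag = ct[:-32], ct[-32:]
    if not hmac.compare_digest(tag, _prf(_prf(key, b"mac"), nonce, aad, body)):
        raise ValueError("authentication failed")
    return _xor_stream(_prf(key, b"enc"), nonce, body)


class ToyHSM:
    """Everything here is 'inside the HSM': _root and unwrapped tenant keys never appear in a return value."""

    def __init__(self):
        self._root = secrets.token_bytes(32)
        self._audit_key = _prf(self._root, b"audit")  # an operator without HSM access cannot re-MAC the log
        self._tenants = {}  # tenant -> {"current": v, "versions": {v: tenant KEK wrapped under _root}}
        self._prev, self.audit = b"\x00" * 32, []  # chain head; tamper-evident records safe to ship to a SIEM

    def rotate(self, tenant: str) -> int:
        """Adds a key version (version 1 creates the tenant); older versions stay decrypt-only."""
        t = self._tenants.setdefault(tenant, {"current": 0, "versions": {}})
        v = t["current"] = t["current"] + 1
        aad = f"{tenant}:{v}".encode()  # unique per wrap under _root, so it doubles as the nonce
        t["versions"][v] = aead_seal(self._root, aad, aad, secrets.token_bytes(32))
        self._log("rotate", tenant, v)
        return v

    def _kek(self, tenant: str, version: int) -> bytes:
        aad = f"{tenant}:{version}".encode()
        return aead_open(self._root, aad, aad, self._tenants[tenant]["versions"][version])

    def generate_data_key(self, tenant: str) -> tuple:
        """Envelope encryption: (plaintext data key, blob). The header names tenant, version and nonce and is AAD."""
        v = self._tenants[tenant]["current"]
        dk, nonce = secrets.token_bytes(32), secrets.token_bytes(16)
        hdr = json.dumps({"tenant": tenant, "version": v, "nonce": nonce.hex()}).encode()
        self._log("generate_data_key", tenant, v)
        return dk, hdr + b"\n" + aead_seal(self._kek(tenant, v), nonce, hdr, dk)

    def decrypt_data_key(self, caller: str, blob: bytes) -> bytes:
        hdr, ct = blob.split(b"\n", 1)
        meta = json.loads(hdr)
        if meta["tenant"] != caller:  # a compromised host cannot replay another tenant's blob
            raise PermissionError("blob belongs to another tenant")
        self._log("decrypt_data_key", caller, meta["version"])
        return aead_open(self._kek(caller, meta["version"]), bytes.fromhex(meta["nonce"]), hdr, ct)

    def _log(self, op: str, tenant: str, version: int) -> None:
        rec = {"op": op, "tenant": tenant, "version": version, "prev": self._prev.hex()}
        rec["mac"] = _prf(self._audit_key, json.dumps(rec, sort_keys=True).encode()).hex()
        self._prev = bytes.fromhex(rec["mac"])
        self.audit.append(rec)

    def verify_audit(self, records) -> bool:
        """Recomputes the chain; a dropped, reordered or edited record breaks it."""
        prev = b"\x00" * 32
        for r in records:
            body = json.dumps({k: r[k] for k in ("op", "tenant", "version", "prev")}, sort_keys=True).encode()
            if r["prev"] != prev.hex() or not hmac.compare_digest(bytes.fromhex(r["mac"]), _prf(self._audit_key, body)):
                return False
            prev = bytes.fromhex(r["mac"])
        return True


def demo() -> dict:
    hsm = ToyHSM()
    hsm.rotate("acme")
    hsm.rotate("beta")
    dk, blob = hsm.generate_data_key("acme")
    hsm.rotate("acme")  # rotation after the blob was issued
    out = {"old_blob_decrypts_after_rotation": hsm.decrypt_data_key("acme", blob) == dk,
           "audit_chain_ok": hsm.verify_audit(hsm.audit)}
    try:
        hsm.decrypt_data_key("beta", blob)  # tenant beta presents acme's blob
        out["cross_tenant_blocked"] = False
    except PermissionError:
        out["cross_tenant_blocked"] = True
    out["audit_gap_detected"] = not hsm.verify_audit(hsm.audit[:2] + hsm.audit[3:])  # one record deleted
    return out
```

Two things the toy leaves out deliberately. It has no export path at all, which is the simplest way to satisfy "never expose key material outside the HSM boundary" and "no single person can exfiltrate a customer master key"; a KMS that must support import or export wraps the key to an importer's key and gates the operation behind m-of-n operator approval, both enforced inside the HSM. It also does not model pooling, but the structure shows why pooling works: tenant keys exist only wrapped under the root, so any HSM in the pool that holds the same root can serve any tenant, and the wrapped material can live in ordinary replicated storage.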
