Cloud Backup Security | Precept IT

  • Home
  • Cloud Backup Security

Cloud Backup Security

CLOUD BACKUP SECURITY

ThinkBackup Offsite Backup Server –

“Secure, Robust and Reliable”

Secure 128-bit SSL communication

All communications between ThinkBackup Backup Server and your

computer are transported in a 128-bit SSL (Secure Socket Layer) channel.

Although all your backup files travel through a public network (internet),

eavesdroppers have no knowledge of what has been exchanged.

Backup data are securely encrypted

All of your files are first zipped and encrypted with your defined encrypting

key before they are sent to ThinkBackup backup server. To all people but

you, your files stored on ThinkBackup backup server are no more than

some garbage files with random content.

Encrypting key are well protected

The encrypting key used to encrypt your files resides only on your

computer and is known only to you. Thus, even the system administrators

will not be able to decrypt and view the content of your files stored on the

backup server without your permission. This unfortunately means if the

encrypting key is lost, you will never be able to recover your backup files.

Technical Details

The encrypting key for the different backup sets are stored the config.sys

file, which is encoded by a proprietary algorithm:

(Windows) %USERPROFILE%.obmconfigconfig.sys (Linux)

~/.obm/config/config.sys (Mac OS X) ~/.obm/config/config.sys

If client software cannot locate the config.sys (due to accidental deletion or

logon to a new machine with the same account), it will prompt the user to

re-enter the encrypting key for the backup set and then store it in the local

config.sys.

Best encryption algorithm is used

Currently, the algorithm that we are using to encrypt your files is Advanced

Encryption Standard (AES), with 256-bit block ciphers. It is adapted from a

larger collection originally published as Rijndael. AES is the first publicly

accessible and open cipher approved by the National Security Agency

(NSA) of USA for top secret information.

Require 1.46 x 1054 years to crack the 256-bit

encryption

A 256-bit key size has 2256 or around 1.16 x 1077 possible combination.

Even if you have the world best super computer, Tianhe-1A, with 14,336

Xeon X5670 (6 Core, 2.93GHz) processors developed by the Chinese

National University of Defense Technology as of October 2010, it would

take 1.46 x 1054 years to test all combinations. Assuming you have the

super computer, Tianhe-1A which totals a capability of 2.507 petaflops

(quadrillion of operations/second), available to you. Also it just needs one

computer operation to test a possible combination (which is already faster

than what it can do). To use brute force attack (checking all combinations)

on this encryption algorithm, it would take:

1.16 x 1077

————– seconds ~ 4.621 x 1061sec 2.507 x 1015

i.e. 1.46 x 1054 years

to successfully try all combinations. Let alone Tianhe-1A cannot process

as fast as what described here. You can be sure that your data stored on

our server is 100% secured.

Restrict access to data by IP addresses

You can also restrict access to your backup files from the set of IP

addresses you defined. If someone tries to access your data from an IP

address not on your defined list, their access will be denied. This additional

security ensures backup files are not open to all location, even username

and password are known.