Secure, Robust and Reliable

1 Secure 256-bit SSL communication

All communications between Storage Vault Backup Server and your computer are transported in a 256-bit SSL (Secure Socket Layer) channel. Although all your backup files travel through a public network (internet), eavesdroppers have no knowledge of what has been exchanged.

2 Backup data are securely encrypted

All of your files are first zipped and encrypted with your defined encrypting key before they are sent to Storage Vault Backup Server. To all people but you, your files stored on Storage Vault Backup Server are no more than some garbage files with random content.

3 Encrypting key are well protected

The encrypting key used to encrypt your files resides only on your computer and is known only to you. It is never transmitted anywhere across the network. Thus, even the system administrators will not be able to decrypt and view the content of your files stored on the backup server without your permission. This unfortunately means if the encrypting key is lost, you will never be able to recover your backup files.

Technical Details

The encrypting key for the different backup sets are stored the config.sys file, which is encoded by a proprietary algorithm:

If client software cannot locate the config.sys (due to accidental deletion or logon to a new machine with the same account), it will prompt the user to re-enter the encrypting key for the backup set and then store it in the local config.sys.

4 Best encryption algorithm is used

Currently, the algorithm that we are using to encrypt your files is 256-bit Twofish. It is a block cipher designed by Counterpane Labs. It was also one of the five Advanced Encryption Standard (AES) finalists chosen by National Institute of Standard and Technology (NIST). It subjects to frequent public reviews but no known attack against this algorithm has been reported.

AES permits the use of 256-bit keys. Breaking a symmetric 256-bit key by brute force requires 2¹²⁸ times more computational power than a 128-bit key. A device that could check a billion billion (10¹⁸) AES keys per second would require about 3×10⁵¹ years to exhaust the 256-bit key space.

5 Require 8.77 x 10¹⁷ years to crack the 128-bit encryption

Breaking a symmetric 256-bit key by brute force requires 2¹²⁸ times more computational power than a 128-bit key. A device that could check a billion billion (10¹⁸) AES keys per second would require about 3×10⁵¹ years to exhaust the 256-bit key space.

Lets say that you have a 14 chars password and assume that your password is strictly alphanumeric. So there are 26 letters + 26 capital letters + 10 digits. That's 62 possible characters. The amount of combinations would be

                                        62^14

                                          or:

                       12401769434657526912139264

If a password cracker needs 1 second to generate and try a single combination, the password would be cracked in 393257529003599914.768 YEARS. Your data is really safe, even if it takes a millionth of a second to generate and try the combination.

For 1/1,000,000 of a second: 393257529003.59 years – that’s 26 times the age of the universe.

6 Restrict access to data by IP addresses

You can also restrict access to your backup files from the set of IP addresses you defined. If someone tries to access your data from an IP address not on your defined list, their access will be denied. This additional security ensures backup files are not open to all location, even username and password are known.