For the filename key, since it’s using a symmetrical algorithm, it needs the same key used for encryption to decipher the filename.
Now that we understand how encryption works, it’s time to talk about how to restore a particular backup version. Rest assured that your backup data is now safe and sound because all that’s on the server side is encrypted. To further bolster data privacy and security, the version 1 key will be further encrypted using an RSA-2048 public key. Suppose you create a backup task (version 1), a filename key and a version 1 key will be generated and protected by AES-256. When the backup task is done, the version key will then be further encrypted by an RSA public key before the backup data goes to the server side.īelow is the flow diagram showing how it all works.
As for the version key, it is randomly generated for each backup version. The hard-coded filename key will turn your file name into ciphertext, so no one on the server side will see your filename whatsoever. We make the filenames unreadable because we know sometimes you don’t feel comfortable showing them to others and thus they’d better be kept secret. When you create a task to back up data from the client-side NAS to the server-side cloud via Hyper Backup, two AES-256 keys will be generated: one for the filename and the other for the backup version. Only the owner of the paired private key can decode the public-key encrypted message. RSA (Rivest–Shamir–Adleman) is an asymmetricĮncryption algorithm used to secure data transmission with a key pair – a public key and a private key used for encryption and decryption respectively. To add an extra layer of protection to the AES key, it is further encrypted by an RSA-2048 public key. A 256-bit long key size is the most complicated one among the three key lengths (128, 192, and 256 bits), and that’s what makes it extremely difficult to crack. Every backup version is encrypted with a randomly generated AES key, and you’ll need the very same key to decrypt the data. That’s why we employ AES-256 and RSA-2048 encryption technologies to make your backup data virtually invulnerable to unauthorized access and malicious attacks.ĪES (Advanced Encryption Standard) is a symmetric encryption algorithm, meaning that you have to use the same key to encrypt and decrypt data. We value data confidentiality as much as you value your valuables. But it’s simply not safe enough, so you turn to a bank and store your jewels in a safe deposit box securely kept in a vault for extra protection and peace of mind. You put it in a jewelry box with a lock to protect against theft. Suppose you have a collection of precious heirloom jewelry. You cannot be too careful when it comes to protecting your valuable assets. How AES and RSA work together to protect C2 backup data
0 kommentar(er)
