Online Secure Data Backup - Encrypted Backup - Incremental Backup

Safeberg Backup offers ultimate privacy through the use of a unique system that safeguards the secrecy of keys and through the use of proven encryption technology.

Open technology

We are very open about the encryption technology we use. Why? The safety of a solid encryption system is based on the secrecy of the key, rather than on the secrecy of the technology. By sharing our technology, we provide security specialists with the opportunity to thoroughly investigate it and test its safety.

Three rules for the use of keys

In order to obtain 100% privacy, we have established three rules for the use of encryption keys.

A key with which backup information is decoded should not be saved:

• alongside stored data (obviously)
• by the organisation which stores these files (due to privacy considerations)
• within the system in which the original data of the backup is stored (to prevent the key from being stolen and to prevent the key from being unavailable if the system goes down)

To be able to live up to our own rules, we have developed the Offline Private Key Protocol (see OPKP on Wikipedia). In order to increase the ease with which a large Offline Private Key is stored, we have come up with the Safeberg Key on Paper for our user.

Implementation with proven technology

During the development of Safeberg Backup we have chosen for the most solid and mathematically proven solutions:

• 192 bits AES in CFB mode (symmetric) encryption of files
• frequent change of file keys at random intervals
• 4096 bits RSA (asymmetric) encryption (key wrapping) of file keys
• seeding of symmetric AES keys with network entropy
• optimal key padding (Optimal Asymmetric Encryption Padding, OAEP)
• advanced PRNG’s
• 256 bits SSL for access to account data on website
• no permanent storage of local password on client (optional)
• offline generation of a public/private key set on a separate secure offline system (optional)
• offline storage of private key (optional) onto paper or digitally
• secure client/server communication with challenge/response and salting
• client/server communication via 256 bits https
• encryption of file names, file paths and file sizes
• incremental backup based on comparison of file attributed hashes
• restored data available after verification of private key (without the private key leaving the local system)
• signed updates on Safeberg Backup software
• 100% open source code (available upon request)

Norms for national security

Safeberg Backup meets the norms for defined security until 2038 as are mentioned below:

• ECRYPT Yearly Report on Algorithms and Keysizes (2007-2008), European Network of Excellence in Cryptology

• Mécanismes cryptographiques, Règles et recommandations concernant le choix et le dimensionnement des mécanismes cryptographiques de niveau de robustesse standard (2006), Secrétariat général de la défense nationale, Direction centrale de la sécurité des systèmes d’information (DCSSI)

• Recommendation for Pair-Wise Key Establishment Schemes: Using Integer Factorization Cryptography (2008), United States National Institute of Standards and Technology (NIST)

See also:
-    Safeberg Key on Paper
-    Ultimate Privacy