Service and client encryption details

This section is fairly technical and serves as a walkthrough of how encryption is used in the product. It is intended for readers well versed in basic encryption primitives. For the uninitiated, it is enough to know that all data is encrypted on the client using a combination of state-of-the-art post-quantum cryptography and elliptic curve cryptography. At no point are your data or your unencrypted private keys uploaded to either the service or your backup destinations.

What cryptographic primitives are used by the service?

The application uses several different cryptographic primitives. Master passwords are hashed using the Argon2 algorithm. This is true for both service passwords and backup passwords. In addition, the service extensively uses both SHA256 and SHA3 hashes during the backup.

The service uses 2 separate asymmetric encryption algorithms for encrypting customer data. Before version 3, the service used only an X25519 key exchange (X25519). Version 3 and later also add support for a Kyber key encapsulation mechanism (Kyber), which is a quantum-safe algorithm. Kyber is always used in the Kyber-1024 variant.

For symmetric encryption, AES-256 is used universally in GCM mode, which also includes authentication of the encrypted data.

How is the master password used?

The backup master password is hashed using Argon2, and the resulting 256-bit hash is then combined with a 256-bit random nonce using XOR. The resulting 256-bit value is used as the key for encrypting any private key material in the backup key. Each encrypted value is stored prepended with a unique 96-bit Initialization Vector (IV).

How are backup blocks encrypted?

You can choose how your data is encrypted. The first option is not to encrypt data at all; the second is to encrypt it using X25519 key exchange only; and the third, which is the default, is to encrypt it using both X25519 and Kyber.

Each key is generated by first creating a new key pair for the respective encryption method. This key pair is then combined with the stored public key for the backup to create a unique 256-bit key for each block. The private key of the newly created key pair is then discarded, but its public key is stored with the metadata of the block. This means that the key can now only be restored by combining the stored public key with the private key of the backup, not with the public key used to store the data. When using multiple encryption methods, each method generates a 256-bit key, and these are XORed together to generate a combined key.

Once the encryption key is created, the behavior depends on whether you have set the crossSourceDedupe property to false. If you have not, a SHA3 hash of the plaintext block is created, and an XOR key mask is stored with the block metadata that allows you to get to the SHA3 value of the block from the encryption key of the previous step. The block itself is then encrypted using AES-256 with an IV of 0. This is safe because every single block is encrypted using a different encryption key (AES-256 in GCM mode otherwise has issues when different data is encrypted using the same key and IV).

If the crossSourceDedupe property is set to false, a random 256-bit set of key data is generated, which is then combined with the combined key. The block is then encrypted using this combined key and a random IV for each block. The IV is then stored with the encrypted blob.

Deduplication is done at the block level for large files. Blocks are labeled by their SHA256 hash. However, to ensure that the same data does not have the same block label on different backups, each backup source generates a 256-bit block salt, which is just a fixed nonce that is appended to any block's contents when calculating the block hash. This salt is also stored with the encryption key.

How are backup logs and configuration encrypted?

Backup logs and configuration data are encrypted in the same way as backup blocks, with the exception that no key data is used to modify the combined key. So for these files, the encryption key is always the same as the combined key. The advantage of this approach is that you do not need any additional metadata apart from your private keys to decrypt this kind of file. However, you also need to rewrite all this data when you generate new private keys, whereas your backup blocks can be re-keyed by only rewriting the metadata and updating the key mask for each block. This is why, when you regenerate your private keys, the logs have to be rewritten but your backed-up data does not need to be updated.

How are small files encrypted?

Large files are generally stored in 1 or more blocks by themselves. However, for small files (less than 8 MB in size by default) there is a more efficient way of storing the data, where many files can be stored in a single block. Because you might want to share some of the small files in one block but not others, small files are additionally encrypted: the contents of each file inside the block are encrypted with AES-256 in CBC mode, using the SHA-256 hash of its contents as the key and an empty IV (again safe, since each key is a unique SHA256 hash). This way the block can be shared along with the individual SHA256 hashes of the contained files you wish to share (and any file in the block you do not wish to share can be rendered unreadable by simply not sharing the needed decryption key).

How are encryption keys stored?

Depending on where the key is stored, different parts of it are encrypted, in plain text, or sometimes not even included, as shown in the table below.

| Key content     | On host   | Source definition | Source storage | Share key      |
|-----------------|-----------|-------------------|----------------|----------------|
| Argon 2 hash    | Included  | Included          | Included       | Not included   |
| Public keys     | Plaintext | Encrypted         | Encrypted      | Encrypted      |
| Private keys    | Encrypted | Encrypted         | Encrypted      | Encrypted      |
| Sharing key     | Included  | Not included      | Included       | Not applicable |
| Additional keys | Included  | Not included      | Included       | Not applicable |
| Block salt      | Plaintext | Encrypted         | Encrypted      | Not applicable |

The additional keys and sharing keys are additional sets of encryption keys that are used when sharing and will be described in detail in a separate section below.

As we always need to specify the backup master password to restore data, everything can be encrypted whenever the key metadata is stored remotely. However, we do need access to the public keys as well as the block salt when we are running a backup without having access to the private keys.

How does sharing work?

In general, sharing works by the sharing client having the public keys of a key pair and the client receiving the share having the private key. When doing this without the Underscore Backup service, the public key needs to be shared out of band. When a share is activated, all existing blocks are gone through and their encryption key is determined (using the master backup password to decrypt the main private keys). Then, as if a new block were being created, we do exactly the same thing as when we encrypt a block, storing the public keys of the newly generated and discarded key pairs in the new block. Critically, though, the key mask is then created as the XOR between the original encryption key and the newly generated key. This new block is then stored in the log needed to access the share. All the logs needed to create the share are generally encrypted as if this was a normal backup using the share public key.
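The key-mask bookkeeping described above for block encryption, re-keying and sharing, together with the salted block label, as an added example that is not Underscore Backup's own code. It assumes SHA3-256 for the plaintext hash, uses random bytes as stand-ins for the X25519- and Kyber-derived keys, leaves out the AES step, and all function names are hypothetical.

```python
import hashlib
import secrets

KEY_LEN = 32  # every key on the page is 256 bits
SAMPLE_BLOCK = b"constructed sample block contents" * 4  # constructed input


def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def combined_key(*method_keys: bytes) -> bytes:
    """XOR the 256-bit key from each encryption method into one key."""
    out = bytes(KEY_LEN)
    for key in method_keys:
        out = xor(out, key)
    return out


def block_key(plaintext: bytes) -> bytes:
    # Assumption: SHA3-256, so the digest is usable as a 256-bit AES key.
    return hashlib.sha3_256(plaintext).digest()


def key_mask(combined: bytes, target_key: bytes) -> bytes:
    """Mask kept in block metadata; combined XOR mask gives target_key."""
    return xor(combined, target_key)


def block_label(plaintext: bytes, salt: bytes) -> str:
    """SHA256 label over the block contents with the source salt appended."""
    return hashlib.sha256(plaintext + salt).hexdigest()


def fresh_combined() -> bytes:
    # Random stand-ins for the X25519- and Kyber-derived per-block keys.
    return combined_key(secrets.token_bytes(KEY_LEN), secrets.token_bytes(KEY_LEN))


def rekey_and_share(plaintext: bytes = SAMPLE_BLOCK) -> dict:
    key = block_key(plaintext)
    old = fresh_combined()
    old_mask = key_mask(old, key)  # written to metadata at backup time
    # Re-key: recover the block key with the old keys, mask it under new ones.
    new = fresh_combined()
    new_mask = key_mask(new, xor(old, old_mask))
    # Share: the same step against a key derived from the share public key.
    share = fresh_combined()
    share_mask = key_mask(share, xor(new, new_mask))
    return {"block_key": key, "after_rekey": xor(new, new_mask),
            "via_share": xor(share, share_mask),
            "masks": (old_mask, new_mask, share_mask)}


if __name__ == "__main__":
    r = rekey_and_share()
    print(r["after_rekey"] == r["via_share"] == r["block_key"])
    print(block_label(SAMPLE_BLOCK, b"A" * 32) != block_label(SAMPLE_BLOCK, b"B" * 32))
```

Only the mask changes in each step; the key the block was encrypted with, and therefore the stored ciphertext, stays the same.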

How are keys exchanged when sharing through the Underscore Backup Service?

When using the Underscore Backup service every source will upload a set of public keys for every client. These are stored in the service and when a share is created these keys can be downloaded by the sharer. The sharer then uses these public keys to encrypt the private key to access the share for each of the public keys provided. These are then sent to the service. Each client of the recipient can then download the private key encrypted using its public key from the service and from that decrypt the private keys required to access the shares. The private keys are each encrypted as if they were a configuration file in the service (See above for details).

How to Implement the 3-2-1 backup strategy or better using only Underscore Backup


Data loss is a big problem for both individuals and businesses. There are many ways it can happen, like when your computer crashes or gets hacked. That's why it's so important to have a good backup plan in place.

The 3-2-1 backup strategy is one of the best ways to protect your data. It's simple but effective:

  1. Make three copies of your data.
  2. Store those copies on two different types of storage media (like an external hard drive and a cloud service).
  3. Keep one copy somewhere offsite (For instance a cloud service).

Following this strategy helps ensure that even if something bad happens to one copy of your data, you'll still have other copies that you can access easily.

Underscore Backup is a great tool for implementing the 3-2-1 strategy. It works well with this approach and gives you reliable options for storing and recovering your data. With Underscore Backup, you can feel confident knowing that your information is safe and secure.

Understanding the 3-2-1 backup strategy

The 3-2-1 backup strategy is a proven method for keeping your data safe. Here's what it involves:

  1. Three copies of your data: You should have one main copy of your data and two backups.
  2. Two different storage devices: Use different types of storage, such as internal hard drives, external drives, or cloud services.
  3. One offsite location: Keep at least one backup offsite, away from your main location.

Implementing this strategy ensures that even if one or two copies are compromised, you still have another reliable backup available.

Advantages of the 3-2-1 approach

Following the 3-2-1 rule offers several benefits when it comes to protecting your data:

  • Data Integrity: Having multiple copies on different types of storage reduces the chances of all copies getting corrupted at once.
  • Resilience: An offsite backup provides a safety net in case something happens to your main location, like a fire or theft.
  • Versatility: This strategy can be used in various settings, whether you're an individual user or a large organization.

These advantages make the 3-2-1 backup strategy essential for maintaining strong data protection.

Mitigating risks with the 3-2-1 strategy

The 3-2-1 backup strategy effectively helps minimize several risks:

  • Hardware Failure: If one storage device fails, you still have other copies to rely on.
  • Human Error: Accidentally deleting a file is less disastrous when you have multiple backups.
  • Cyber Threats: Ransomware attacks often target local files first. By having an offsite backup, you can restore clean versions of your data.

By addressing these risks, the 3-2-1 strategy offers comprehensive protection against a wide range of potential data loss scenarios.

To make the most of this reliable backup method, consider using advanced solutions like Underscore Backup for added security and convenience.

The Role of cloud backups in a robust strategy

Leveraging cloud technology for offsite backups is crucial within the 3-2-1 strategy. Cloud storage offers a convenient and scalable backup solution that ensures your data is stored securely away from your primary location. This offsite approach safeguards against physical damage to on-site data caused by natural disasters, theft, or hardware failures. Integrating cloud backups into your strategy provides an additional layer of protection, ensuring that even if local backups are compromised, your critical data remains accessible and intact.

Benefits of cloud backups

Top cloud backup services bring numerous benefits for both individuals and businesses:

  • Data Accessibility: Access your backups from any location with an internet connection, providing flexibility and convenience.
  • Scalability: Easily adjust storage capacity based on your needs without investing in additional hardware.
  • Automation: Schedule regular backups, reducing the risk of human error and ensuring consistent data protection.
  • Security: Advanced encryption techniques protect your data both during transfer and while stored in the cloud.

  • Cost Efficiency: Pay-as-you-go models eliminate the need for substantial upfront investments in physical storage solutions.

Introducing Underscore Backup: Your comprehensive data protection solution

Underscore Backup is a versatile and powerful backup software that perfectly complements the 3-2-1 backup strategy. Here's why it's the ideal choice for your data protection needs:

Key features

  • Multiple Storage Options: Supports local, network, and cloud backups and multiple destinations.
  • Continuous and scheduled backups: Effortlessly schedule backups while at the same time continuously tracking file changes in near real time.
  • Public Key Encryption: Ensures data security with public key encryption protocols.
  • Multi Region Support: Reduce latency and keep on top of data governance of your backed-up data by storing your data either in the USA, European Union, or South-East Asia (Singapore).

Underscore Backup ensures seamless operations through its advanced technology. The software employs:

  • Incremental Backups: Only back up changed data, saving time and storage space.
  • Deduplication and Compression: Minimize storage usage by eliminating duplicate copies of data and compressing files.
  • Snapshot Technology: Captures the state of your system at specific points in time and allows restoring exactly to that point in time.

This sophisticated approach minimizes downtime, ensuring swift recovery from data loss incidents.

Despite its advanced capabilities, Underscore Backup remains user-friendly:

  • Intuitive Dashboard: A centralized interface for managing all backup activities.
  • Wizard-Based Configuration: Simplifies setup with step-by-step guidance.

By extending the principles of the 3-2-1 backup strategy, Underscore Backup provides a robust, scalable, and secure solution for modern data protection needs.

How to implement a 3-2-1 backup strategy in Underscore Backup

You can easily achieve a 3-2-1 backup strategy using nothing but Underscore Backup by configuring 2 backup destinations. Use the default backup destination of the Underscore Backup service and, at the same time, add another backup destination on another local computer or NAS on your network. You will then have 3 copies of your data on at least 2 different kinds of media, with one of them offsite.

Conclusion

Adopting a strong backup strategy like the 3-2-1 approach is crucial for protecting your data against cyberattacks and reducing the chances of losing important information from hardware failures or natural disasters. This method ensures that you always have multiple copies of your data stored on different types of storage devices, with at least one copy stored offsite. By following this strategy, you can prevent the potential consequences of hardware failure, human mistakes, and online threats.

Underscore Backup makes it easy and effective to implement the 3-2-1 strategy. Its advanced technology allows for seamless backup and restore operations, ensuring that you can quickly recover from any incidents of data loss.

Taking action now to sign up for Underscore Backup means investing in comprehensive, hassle-free data protection. Don't leave your important information exposed—safeguard it with a proven solution designed to meet the highest standards of data integrity and resilience.

Subscribe to Underscore Backup today and enjoy the peace of mind of knowing your data is fully protected.

With regular backups, you can restore your data quickly and efficiently in the event of a breach or system failure. By subscribing to Underscore Backup, you're not just acquiring a service – you're gaining an essential tool that will keep your business running smoothly even in the face of adversity. Don't wait until disaster strikes; secure your data now and ensure uninterrupted operations for your organization.

Google Drive issues provide a reminder that file syncing services are not backup replacements

A lot of people use file syncing services such as Google Drive, Dropbox, or Box and assume that this is sufficient protection from data loss. Although they do provide a certain amount of protection against things like a broken computer or a stolen laptop, they are in general not a replacement for a real backup solution.

This point has unfortunately recently been made evident to a group of Google Drive users, some of whom have lost access to their data stored in the cloud syncing service.

The problem with syncing software in general is that if a file is removed on one computer, all local copies are also immediately removed. In the case of the Google Drive problem mentioned above, it seems that an issue in the cloud service caused files to disappear and also removed the local copies of the files.

You want to make sure that any backup strategy you have is not vulnerable to a single point of failure, and file syncing services simply do not provide that. Using Underscore Backup, you can set it up to create both a local backup and a cloud backup, to be sure that no matter what happens there will never be any data loss, with no single point of failure either in your computers or in a catastrophic event at the backup service.


New release with improved directory handling

A new release is available for download now. It supports the restoration of directory permissions and better handles recording deleted directories in restore operations. Previously only the files had their permissions restored.

This follows the previous release, which moved most previously command-line-only functionality into the UI and added optional collection of backup statistics to the service.

Get it now from the downloads page.


Alert emails for backup issues available now for all subscribers

As of today, Underscore Backup users will receive email alerts if any of their Underscore Backups are encountering issues, as long as they have opted into receiving billing emails (otherwise the service does not retain your email address, so no emails can be sent).

Alerts are sent when a backup has not been performed in the last 3 days, and additionally when any serious error is encountered. The latter will only be included if the recently introduced backup usage reporting is enabled, as the errors encountered are part of the usage being reported.

This email alert will allow you to easily ensure that all of your installed copies of Underscore Backup are running smoothly without constant supervision.