EsoteraS3 versus Conventional Ways to Store Highly Sensitive Unstructured Files

By HO

EsoteraS3 adds many orders of magnitude of security to existing storage systems by hiding both the content and the location of your data. Its managed redundancy technique ensures your data is never lost.

 

The Conventional Way to Store Data

Conventional systems encrypt the channel over which your data flows or encrypt your file before it is sent. They have complex authentication processes that prove that you are entitled to store or obtain data from their equipment. In all cases, each file is treated as a single entity and resides on a final server or storage device as one piece. Your data is protected from theft through the physical security of the site or by the encryption of its content. It is protected from loss by a regular backup procedure to off-line media such as magnetic tape.

 

 

The EsoteraS3 Way

The EsoteraS3 Mass Storage System uses mathematics to hide enterprise data. In preparation for writing, each file is broken into small blocks that are individually encrypted. A mathematical algorithm called an ‘Address Transform’ is executed which uses exactly two pieces of information: the fully-qualified name of your file (which includes the names of the sub-directories in which it is located) and your Personal Encryption Code. This algorithm creates a series of instructions that specify on which of one hundred or more computers each block should be stored and where on the specific computer it should be placed. These instructions are executed to transfer each of the blocks to their final positions. When it is time to read back your file, the Address Transform uses the same information (the name of your file and your privately held Personal Encryption Code) to recreate the storage instructions and get each block back. These blocks are then decrypted and used to reassemble your file.
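The idea of deriving block locations from the file name and a secret code can be sketched as follows. This is an added example, not EsoteraS3's own code: the page does not say which algorithm the Address Transform uses, so HMAC-SHA256 stands in as an assumed keyed function, all function names are hypothetical, and block encryption is left out.

```python
import hashlib
import hmac

NUM_PEERS = 100      # page: "one hundred or more computers"
REPLICAS = 3         # page: at least three copies on different servers

def _prf(code: bytes, path: str, block_no: int, counter: int) -> bytes:
    """Keyed pseudo-random output for one (file, block, attempt) tuple."""
    name = path.encode("utf-8")
    # Length-prefix the name so distinct inputs never encode identically.
    msg = len(name).to_bytes(4, "big") + name
    msg += block_no.to_bytes(8, "big") + counter.to_bytes(4, "big")
    return hmac.new(code, msg, hashlib.sha256).digest()

def block_addresses(code: bytes, path: str, block_no: int):
    """Return REPLICAS (peer_index, block_id) pairs on distinct peers."""
    placements, used, counter = [], set(), 0
    while len(placements) < REPLICAS:
        digest = _prf(code, path, block_no, counter)
        counter += 1
        peer = int.from_bytes(digest[:8], "big") % NUM_PEERS
        if peer in used:          # replicas must land on different servers
            continue
        used.add(peer)
        block_id = int.from_bytes(digest[8:16], "big")   # 64-bit slot
        placements.append((peer, block_id))
    return placements

def file_layout(code: bytes, path: str, num_blocks: int):
    """Storage instructions for a whole file, in reassembly order."""
    return [block_addresses(code, path, n) for n in range(num_blocks)]

if __name__ == "__main__":
    # Constructed sample code and file name, for illustration only.
    code = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
    for n, copies in enumerate(file_layout(code, "/finance/2024/ledger.xlsx", 3)):
        print(n, copies)
```

In this sketch the unpredictability of the addresses is bounded by the entropy of the code itself, so a short or guessable code narrows an attacker's search regardless of the size of the block-ID space.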

 

Think of a jigsaw puzzle. Imagine that each piece of the puzzle has its own ‘Peer Index’ and ‘Block ID’ numbers. The Peer Index tells you in which of hundreds of piles of puzzle pieces the piece will be stored. The Block ID allows you to quickly locate the piece in the pile of 100 million pieces. If you know the sequence of Peer Indices and Block IDs that belong to the puzzle in the order in which the pieces fit, then solving the puzzle is not too hard. Now try solving the puzzle without this information when the puzzle pieces are mixed in with many separate piles of 100 million other similar-looking puzzles.

 

 

It is not possible to recreate the sequence of Peer Indices and Block IDs calculated by the Address Transform without knowledge of the Personal Encryption Code. This is how EsoteraS3 hides the ‘location’ of your data. An attacker would have to make 2^64 = 18 billion billion guesses on each of hundreds of servers to locate each block in the sequence that forms your file. Each guess takes time to transmit to an EsoteraS3 server computer, be processed and return an answer. Even then, the attacker would have to decrypt each block and reproduce the correct order.

 

This adds up to eons of time even if the attacker has a large number of computers working on a fast network to solve the problem. Your data is safely hidden by the huge numbers involved.

 

At any time, you can decide to recreate your Personal Encryption Code and restore your data. This forces the attacker to start again from scratch.

 

Mathematics is also used to protect your data from loss. The EsoteraS3 system actually stores a minimum of three copies of each block on different servers. Should any of these computers fail, ‘data regeneration’ is automatically scheduled within the hour which replaces the third copy of the block on a different computer. This technique of ‘Managed Redundancy’ ensures that your enterprise data is always safe.

 

 
