Securely Storing Data Backups on the STEEM Blockchain

in encryption •  2 years ago 

Today I was updating one of my files where I store invoice information, and I thought about storing an additional backup of the file in case my hard drive crashes. I already use Apple's Time Machine backup feature, but I thought it would be fun to try something a little different as well.

Why not put it on the blockchain?

One thing to consider when backing up a file to the blockchain is it becomes publicly available to everyone. An easy workaround is to encrypt the file first. That brings up an additional concern if the file contains data which needs to remain secure for many, many years. Some encryption mechanisms become obsolete and vulnerable as computational power increases. That means if you put an encrypted file on a blockchain which lasts forever, at some point in the future that file may be deciphered by someone with a strong enough computer (or a quantum approach we haven't yet imagined).

In this case, it's just invoice information, so no big deal.

For those not familiar with GPG (and even those who are, there's always plenty to learn), I found this GPG Tutorial by Digital Ocean has a lot of useful information.

To decrypt my invoices file so I could back it up on the blockchain, I used this command:

gpg -a -o privex_invoices_2018-02-23.asc --symmetric privex_invoices.txt



(Note: I already added cipher-algo AES256 to my ~/.gnupg/gpg.conf to avoid WARNING: message was not integrity protected warnings.)

The -a part is important as that ensures I get text output instead of binary output. It prompts me for a password which I generate with 1Password (my password manager) and store there securely.

If I ever want to decrypt the file, it's as simple as:

gpg -o privex_invoices_decrypted.txt --decrypt privex_invoices_2018-02-23.asc



Here's the contents of privex_invoices_2018-02-23.asc which I'm now storing on the blockchain as a backup:

-----BEGIN PGP MESSAGE-----
Comment: GPGTools - https://gpgtools.org

jA0ECQMCFcVKx69ksOPe0uoBMU88ZyoAs7+VUnXyuuxecEUIC+yUyQ8ZUeZc3myR
Hdkqgp2EBZt66kDD5ZowVgv5S8tKmEvq7ee0fWvpo/y0E7aZEH5A6ltd6vexYHB8
YMgA/kswWy1BMDK7MWPjABB7/yhh+dv4nUBWMV4wBEL92cIyfwDUwUsb8ebqC2OT
wG+/fu5kwu+39NSjLxIH7SuoPrX26bxoEnNhT0HmwIcHRd6CdkJBiJ1Y8Y9DT2ys
OJKT2CFWzBfwK99Qxoq2E562+vKAwxlsESRlcW/8sr3w5ZH+8+R0GNrZfaJU1o5p
K9kYAbu/h7diHxq9chFZATOnMCKBdmUurEKRphNlrt6n2z85jEF0ZAlCCqYgrqoO
Z5w3M9jna5Iw15lwuJv4fQSAF4FfBALD5PAym+saGj6NAEpnmcxagglMe7XY4x89
mKTTBExX0YeLgg6510udzRFvvQcUR82MGfnwYcYZLmI0BTQAr8ewdURMztaBmrOR
LeiZcMQ1Jz6cRM/Ji5sOfuYiplKP+fXg9EA/Ggc2MIca9YAvxnk707lo/4qbqmfV
oQ1Xk3fVNTzZl5JuYpRfnAiNsLeufW+TIlIpg7wcU5U8hXGOFFxsVBsVO4dolkg4
t9/QKjAiHZOfLWbEs4P8NsubgmsySLenZ95DKEPz3fYcyttHGpDUnEYkexDP8zVO
wcQnQITWUzI401jKUvmq8WoaGvlL4EvZR/WvjtKVi5FW7HJ9UvMdzrjriWJEkopM
WYjtP/FpPDawJ9bq6XelC86Y3l8YhYp237HZi0b14UsTDNha7cbyrYWxxkeKh/h1
pXXSD6YzCcsU8zORbx65K6bqkIaZQV4fDZJyqJCBcKZi19LgJ4OnLXM6WYkCQPfR
48ULaU3hyBbr6XtqpGKsqeTkEwFKhvOivL4Z5OcsGDwy9aYCoAuVmix+J7uDgyRO
sEs8ZZNgw37mcyV3oDgXpX9nX+RP9LcZ8HdD6bcckEJx58AKT6keCXDOI2xeUBWw
gL0TLMqFqXApXS4ydrYhX84TDS/jPVCahv4rtH5FBsYY7Km9dgK9OlL+SfTnj/fz
X8HYITdpRkZYlJ/JdN9AMOI/QrIafG7qA4S8VeKUl58rUU/m1/bRb2PSO2NqNcFq
rZ7ZiJaIXrmOqw2cNTBD3YuSRiL4mhszzaRBrUk1O8pB6fGAnAAgpcEUVni+OF9Q
mrCs+1EZoCXioHodMXBRd5PkGB0lri0qEGPLsnhRuQo4v7m9gOkUaRDNCF9mNQ+C
VCI6Ho7MSHcFtm00Hk/qTFzBluMYdQ8Rtgw0q6nn4Vk/7RdggYyFTWbO1vNzGE40
v7RgaCOJ1PhYhI/hp5H6EliYmXwOnx7lyoRXu5C4qOQp6dFGPckX0Aph6QKO2Yha
e5EQHQKkwTJbgDlhDmgXCOR/UEZoNKKQ8hS+EZkvGmt0CLfDaW62qbEeV4pg7wxN
6wOWcE2N56lyR7saFDf4Y6mX0q8PCbcxCD/N6PowouN8gkl5bdoySR/vntSLMliJ
JkOyi2n0aNCxRPUSJo4En3pCRBaZW+cRKpSgq/KDUgwBmi/Nmf4N1p2LAAKdpoCK
e19INmRsajJeKTidZVkT9xwQuuaJ4zK3enaX/7F4frv5wnAPISJKfP6tC+lOiPRv
/XyotmnnDBqpZ3p6gAsLCsuN1udTmKXlqhSmamhdYoJ09v6SI4tUov271YcfPT5z
RL3kpA/I0D0V2xFsngc2CCqSHZZQxYX1DLxbTGfLYPnW4QcnsqNW/6Nmt1UGp6Lt
y259917e+/sJ1JZj7/A7/CuI6bukx1YM/e7BC5XpcJfjcDU+JjQRsy3C86I2hVM4
Sji06BFZ/6e26WLeKlp3De5BNGj2o65b4Wsa2Dtb51aAEE1+gVJ787KoSVZ7lFho
jPSnhBVcnYzKngCK7udUNo4FW0DhPjKJVQ9MnKasCn27n+sZHJzi5sSTJK23garQ
YNv7tIVswU9qK0qlb5qhaU1/GZ+G+ys/O5W4mju0qDKeI3S5IGvJ1VugL5sU7uA+
j0jF+HJww19NUiIGBPRIpkWNwIAXmfEAYqakQnCDSHaZaX7Tq/2OZnAnpi/q9NYX
+Ffbgjl9d/pflJtlSwu17kkpIcRfT4qyfNEW9GcRx2P/Sch+78zksZc+0MTzLx92
Feb7gpIyc+L/PpLtVFnTnNbv29YjdGnma5c8mtZ41dV31Hvg4Akdiw9ZaBF+Jyao
LNRdddcXk7ih7vfBh1LJ+WPHwIDIhM4QfSjg7IaSE3kM6bCaypOns7NqByOtyvHU
lPwPecMRv/ZyY5smRr+rs4nnsYrf7q5saPkVaCCi6biuSnxbWf+mTYU5iT+KUdT4
peOfolFJH17IyCSjd8HbgDnz1nyXwZWeDEsuw6joFHOKQMJ/AJoPUj1KwizZhNkE
4AD5T9vNlD/lN1ueNo4Y7TF5pqtLqcl5+hi5nCenzDurJt4ev8Qy2SZQY6SCc1uP
aJIxoQ==
=JRCt
-----END PGP MESSAGE-----



Now, if I ever lose the original file or accidentally delete it, I can now recover the information using the encrypted data stored forever on the blockchain.

Pretty cool, right?

Online privacy, encryption, reputation, and identity are important topics which have to come out of the "nerd realm" and into every-day society. This stuff really matters because if we begin building a voluntary society using smart contracts without government and their threats of violence for compliance, then all participants will have to require high levels of personal responsibility. For more on that, see Privacy, Identity, and Human Flourishing.

Unfortunately, this stuff is still pretty complicated. Programs like https://keybase.io/ make it a little easier, but the more we trust layers on top of the core encryption tools, the more vulnerabilities can be introduced. There's often a conflict between making things easy and keeping them secure.

I hope this post at least reminds you of the importance of securely backing up your files and exploring tools like GPG to control your own data security.


Luke Stokes is a father, husband, business owner, programmer, STEEM witness, and voluntaryist who wants to help create a world we all want to live in. Visit UnderstandingBlockchainFreedom.com

I'm a Witness! Please vote for @lukestokes.mhth

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Interesting concept, but what's to stop everyone from randomly just posting GPG encrypted stuff on here without providing any valuable posts? While that's a useful post to the poster, it wouldn't provide anyone else any value and seems kind of spammy.

Clearly, this particular post did provide value in that you might have taught someone to use GPG, provided another potential value for the blockchain, and started this conversation.

Nothing but economic incentives. If I, for example, started posting backups of my files constantly, would I love followers? Would people remove me from their voting bots? For sure. I could also do a decline payout post, which would be fine, but even then, those who automatically vote for me would lose voting strength without any curation rewards. Eventually, I'd lose them in that scenario as well.

That's what I love so much about the STEEM blockchain. There are financial incentives to be a good actor. Instead of just posting this file with a decline payout and no explanation, I turned into an educational piece to help others.

Ideally, spammy behavior not only doesn't get rewarded, but also gets flagged. The problem we have there is many don't want to waste their voting strength to downvote because there's not immediate financial incentive to do so (other than protecting the perception of integrity and value of the whole system).

well, you do not need to do it on your main account. you could set up a new account and just use that to post your invoices. That way you do not really "rape" the reward pool and there are no votes to lose. But you are being provided with an eternal free storage method. nobody would notice it, there would be no followers hence also none to lose

This is a solution that could work for a while of course but if everyone and their dog started saving every paper on the blockchain on dummy accounts then this would potentially change the whole purpose of the chain (personally I think its to late for that but it might have been a possibility)

What if? can be a cool question sometimes

The problem is, how will you retrieve it later?
In a year?
How will you find it?
For that you need to look through all your posts.
Wouldn't it better in a custom json?
That way one can store everything I m the blockchain, use its own index and find it faster later.
Of course, nothing over 64kb.
Otherwise you have to split it

Yeah, the size limitation is a problem there, but I do agree that's a great approach. It's not one that simple users can use though. Most people aren't running their own interface to the blockchain other than Steemit. As for finding it later, I could store a link to it in the notes of my password manager where stored the password to decrypt (which is a great idea I'll do right now). Otherwise, I can just search for it.

Or make one post.
And add everything in comments.
How to store data within steem.. On this topic I made myself some thoughts, since I am here,.. Just never posted them:)

Hmm. Maybe that would be another app for steem?
If I had time I would script something.. Hmmm..

  ·  2 years ago (edited)

The backup idea sounds great. But are you not degrading the system and the purpose of this social network by having it back-up files that does no one any good, except for you. Is there a size limit for posts? Is this not something that can be abused and make the system suffer?

Many things can be done to abuse the system, for sure. It's designed to enforce bandwidth restrictions so only those who have paid (invested in Steem Power) can use bandwidth and storage appropriately. Some thing to consider is that the STEEM blockchain is not Steemit. That's something many people get confused on. If I just wanted to backup files, I could create a separate account on the STEEM blockchain for that purpose and not use it for social activity at all.

Well I guess we all have a stake into it. To each his own, After a certain amount of time can you delete the file or change it? Or is it frozen forever?

Blockchain data is forever. It's immutable. That's why this approach is only really useful for point-in-time backups.

Cool! Or you could send a small transfer to someone and post this file as a memo. Or even a comment to your own post. Have a post called "My backup" which has comments from you containing all your data, and you keep coming back to that post to comment more.

I am not so good in blockchain yet, Your sayings are worthy. Thanks for educating me about blockchain and data backups.

very good advice.
thanks for sharing with us coz it helps us a lot
@lukestokes

  ·  2 years ago Reveal Comment

That's a amazing post..Keep it up..
Resteemit done...

Woah... Might sound weird, but i've never used explored this function. But now i know. I'll follow your steps and do it right. Thanks @lukestokes

Ahh this is an interesting idea! I think the blockchain could be a great place to store data backups, but I wouldn't put anything too important on it, because it becomes public and who knows, maybe one day it'll get hacked. Obviously, the chances of this happening are probably really really low, but still, the part that it's public wouldn't make me feel very secure about it!

thanks @lukestokes for his guidance. very useful for us who are still beginners in the world of steemit.

I do not know about using a generated password for this.
As, many of the cases where you would need this file, that password manager would probably be destroyed.

Also, if you wanted to be really secure, right your own compression algorithm. If they know you used PGP, then all they have to do is find the password. If you role your own, they have to find the password and how you encrypted it.

The using a book encoding technique, a word in your file becomes the page, line & word numbers in your encryption is very very strong. It is only broken by repeated usage and more than one person knowing which book.

Rolling your own encryption is most likely going to be less secure than using established crypto. The chances of a security expert getting crypto right when designing a new algorithm are pretty slim. Yes, the key to decrypt the data might get found, but the likelihood of that, compared to a developer not being as smart as they think they are is not a tradeoff anyone should take.

Well said, sir. :)

"roll your own" is universally one of the worst pieces of advice in the encryption space. If you don't believe me, ask anyone familiar with that space or just look at history.

I'm all for one-time pads, but you're still having to secure the "password" or the key you used. If my password manager was every compromised, then I'd be screwed anyway. Files that don't need to be stored in a password manager because they aren't super important secrets can be encrypted and stored just fine on a blockchain. Again, in this case, there was nothing super secret about the data, other than putting it out there in plaintext would be kind of silly (and meaningless to others).

I can see your point, as I have seen people "encrypt" credit card data by adding an extra number to the end of them. (In a large charity)

However, from my brain type, encryption algorithms are pretty straight forward to me. And how computers implement them is very straight forward to me.

So, maybe my statement is not for anyone other than me, and people I like to talk to.

Pretty cool how you would be able to get it right back so quickly with the backup. Yeah the transparency on Steemit is pretty damn high honestly.

Great information... Nice job @lukestokes

wow! so beautiful photography with nice post.

love the idea !!

I am new to blockchain and thanks to this article I have learned a lot and it has been very helpful, I still feel that I have a lot to learn but thanks to your post I feel that I will improve a lot! Thanks for your tips

Thanks for this information and great concept

So did you create a new Steemit account specifically for the purpose of storing documents?

I used Kleopatra to help create encrypted messages to a vendor I was buying edibles and fake id's from off the Silk Road in my bad-boy days.

Nah, this was more a proof of concept for me. May some day in the future I might do something like that. Maybe even wrap it up in a command line tool that would use steem python or something similar to store the messages for you on the blockchain.

Well, even with the risks. Pretty freaking cool man!

You know, I've been thinking about the very same thing the other day. Combining seemingly disconnected technologies is truly the way to move forward. I love how robust blockchains are and coupled with advanced encryption, they could store private information in plain sight. Man, if they could just find a secure way to make us our own private keys, nobody would need to memorize anything anymore. No more identity theft, no more lost passphrases. That would be the dream!

interesting, so you just create a post and add all the GPG data (including body and header)? Do you think there will be a more elegent way to store this one day? Feels like a service to help ppl encrypt and store in to the Steem blockchain without having to create a post would be epic.

How are you inserting the data in to a block?

Yeah, it's all there in the signed message. That message can be decrypted to get the original file back. As for a more elegant way, I don't know. Maybe certain tags (I like "test" may work like this?) could be ignored by most interfaces including STEEM? With that, we'd have concerns about vote abuse though (imagine a whale voting up their own hidden crap every day). There's no fancy data insertion, just the text you see in the post.

Regarding the whales, they can alreayd upvote any of their own crap (ie. Bernie Sanders does this). I think self-voting can be an issue, but this doesn't change that dynamic.

Also, I envision a service that generates a private/public key pair for you (similar to how crypto web wallets work) that will then encrypt your data and submit it to the Steem blockchain as a service.

Can someone grab and hide that shiny object for me? I'm going blind...

Is it possible to make this happen using sidechain technology? 🔑🔗🗄🔐