Multiple Encryption for Online Backups

I have a lot of data I need to backup online, and one of my concerns is that five or ten years from now a flaw in an encryption scheme or even a software implementation flaw would leave my encrypted backups at risk of being decrypted by a third party.

Someone on Reddit suggested adopting the National Security Agency’s Rule of Two in order to minimize the risk of this,

The Rule of Two is a data security principle from the NSA’s Commercial Solutions for Classified Program (CSfC). It specifies two completely independent layers of cryptography to protect data. For example, data could be protected by both hardware encryption at its lowest level and software encryption at the application layer.

The principle is practiced in the NSA’s secure mobile phone called Fishbowl. The phones use two layers of encryption protocols, IPsec and Secure Real-time Transport Protocol (SRTP), to protect voice communications.

Leave a Reply