Increasing Security with Blockchain Database Encryption

Worldwide Information security is expected to reach $124 billion in 2019. The smallest data leak can be devastating to any organisation’s credibility, trust, and eventually the bottom line. Securing your blockchain data is no different and is a must when storing any sensitive data that you wouldn't want publically accessible. 

One of the core tenants of blockchain technology is a tamper-proof store of data - one that cannot be changed, deleted, or modified. The application of this simple, yet profound development has spurred a revolution across all industries and public domains and is gathering momentum every day.

Blockchain Database Encryption

What about data privacy and security? Sure, no one can change the data once it's on the blockchain, but what if I didn't want anyone to read the data? In a public blockchain, you either use it to your advantage by only storing data or hashes of data that you don't mind being public, or use cryptography, such as zero-knowledge proofs, so that the data is only decryptable by known parties. The final option is to use private enclaves to segment and isolate the data.

But what if your use case requires you to securely store that data, and only share need-to-know information with your peers on a consortium chain? With Hyperledger Besu’s privacy and permissioning features, you can make sure the data is only viewable by those that are meant to receive it. However, all of this implies your infrastructure has bulletproof security that will never be compromised.

Data at rest encryption is the ability to secure the privacy and confidentiality of the blockchain data stored on the database, by encrypting it with a predefined key, that is sufficiently complex, and is stored securely elsewhere. This means if the database was to be “spied” on, without the decryption key, the contents of the database would be meaningless to the viewer.

Increased Security in PegaSys Plus

PegaSys Plus, the commercially licensed Ethereum platform by PegaSys will be releasing PegaSys Plus on October 22, with configurations for additional security, so that your data remains inaccessible when at rest.

The database encryption plugin, exclusive to PegaSys Plus, gives you peace of mind, knowing, if ever your infrastructure security was to fail and your data was exposed, the blockchain data stored on the database would be secured and not decipherable by the attacker. Simply put, the confidentiality of your data is maintained.

Support for using both a simple key file or integration with vault systems is provided by PegaSys Plus, giving projects the flexibility to use mechanisms most suited to their needs depending on the stage of the project lifecycle. For production use cases, we highly recommend the use of strong key vaults such as Hashicorp that we provide native support for, to ensure the integrity of decrypt keys is maintained.

PegaSys is committed to pushing the boundaries of Distributed Ledger Technology, whilst meeting the highly complex and demanding requirements of the enterprise systems, bringing together both worlds to ensure the growth and broader adoption of Ethereum and blockchain technology.

PegaSys Plus will be released on October 22, 2019. For more about increased security in PegaSys Plus, as well as its other features, join our upcoming webinar.

Interested in learning more about how you can ensure compliance of data security policies and reduce the risk of attack with our commercially licensed offering? Reach out to us here.

This blog post was written by Product Manager, Arash Mahboubi, with thanks to Vijay Michalik for editing.