60 lines
2.9 KiB
Markdown
---
title: Q&A
layout: default
permalink: /q&a.html
---

# Q&A

#### How does the Distrust Disaster Recovery system work?

The Distrust Disaster Recovery system is based on
[Quorum Key Management (QKM)](https://docs.distrust.co/qkm), a highly
opinionated framework for managing cryptographic material securely in offline,
hardened environments. One of the core tenets of QKM is that the cryptographic
material is sharded (split up) and distributed across different geographical
locations, so that it takes the cooperation of multiple individuals from
different regions to reconstruct the key which allows for decryption.

#### Where is the data stored?

You may choose to have Distrust Disaster Recovery redundantly store your
encrypted data, but this means that Distrust Disaster Recovery staff would be
able to decrypt your data, although doing so would require a quorum of
[Shard Bearers](#what-are-shard-bearers) to assemble physically, as all
cryptographic material is stored fully offline. This is very much unlike
current market offerings, which store both your encrypted data and the keys
used to decrypt it in online environments, with questionable security and
certainly no transparency into how they actually manage your data. With
Distrust, the decryption key is always handled, and any decryption is always
performed, in fully air-gapped environments, which is why recovery is slower
but far more secure.

Alternatively, you may opt to generate an encryption key, encrypt your data
using this key, then encrypt that key using the Distrust Disaster Recovery
public key. You could then destroy the key you used for encrypting your data,
effectively creating a setup where the only way to decrypt the data is to
recover the encryption key via DDR. In this setup, DDR has no way to decrypt
your data, but you are responsible for backing up the encrypted data.

You can learn more about data storage [here](/data-storage.html).

#### What are "Shard Bearers"?

Shard Bearers are Distrust Disaster Recovery employees, each responsible for
managing a shard used to reconstruct the private key that can decrypt client
data. At least 2 Shard Bearers are required to perform this task. The shards
are stored offline and are never exposed to any environment other than
specifically tailored air-gapped environments, in accordance with the
[Quorum Key Management](https://docs.distrust.co/qkm) specification.

#### What quorum threshold does DDR use?

A 2-of-3 threshold is used, with [Shard Bearers](#what-are-shard-bearers)
located in 2 states in the USA, and in Canada.
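
The 2-of-3 quorum described above, as an added example that is not Distrust's or QKM's own code. It assumes Shamir's Secret Sharing over a prime field (this page does not name the sharding scheme), and `split`, `combine` and `partner_for` are illustrative names.

```python
import secrets

# Assumption: Shamir's Secret Sharing over a prime field. The page states the
# 2-of-3 threshold but does not name the sharding scheme.
PRIME = 2**521 - 1        # Mersenne prime, comfortably larger than a 256-bit key
THRESHOLD, HOLDERS = 2, 3


def split(secret, k=THRESHOLD, n=HOLDERS):
    """Return n shares (x, y); any k of them recover `secret` (bytes)."""
    s = int.from_bytes(secret, "big")
    if s >= PRIME:
        raise ValueError("secret does not fit in the field")
    # Random polynomial of degree k-1 whose constant term is the secret.
    coeffs = [s] + [secrets.randbelow(PRIME) for _ in range(k - 1)]
    return [(x, sum(c * pow(x, i, PRIME) for i, c in enumerate(coeffs)) % PRIME)
            for x in range(1, n + 1)]


def combine(shares, length, k=THRESHOLD):
    """Lagrange-interpolate the polynomial at x = 0 from at least k shares."""
    points = list(dict(shares).items())      # drop duplicate x coordinates
    if len(points) < k:
        raise ValueError(f"quorum not met: need {k} distinct shares")
    secret = 0
    for xi, yi in points:
        num = den = 1
        for xj, _ in points:
            if xj != xi:
                num = num * -xj % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret.to_bytes(length, "big")


def partner_for(share, candidate, x2=2):
    """Build the second share that makes `share` recover `candidate`.

    Such a partner exists for every candidate, which is why a single shard
    on its own carries no information about the key."""
    x1, y1 = share
    s = int.from_bytes(candidate, "big")
    slope = (y1 - s) * pow(x1, -1, PRIME) % PRIME
    return (x2, (s + slope * x2) % PRIME)


if __name__ == "__main__":
    key = secrets.token_bytes(32)            # constructed sample key
    a, b, c = split(key)
    assert combine([a, c], 32) == key        # any two holders suffice
    assert combine([a, partner_for(a, bytes(32))], 32) == bytes(32)
```
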

#### Can Distrust Disaster Recovery be used instead of Coincover or Keyternal?

Yes, it can. Although recovery is slower, the security guarantees far surpass
those currently available in the market. Additionally, Distrust Disaster
Recovery is the first offering of its kind that allows encryption of *any*
data, as opposed to only blockchain wallet data.