diff --git a/_layouts/landing.html b/_layouts/landing.html index e7b8cb2..e59eced 100644 --- a/_layouts/landing.html +++ b/_layouts/landing.html @@ -10,140 +10,94 @@
-

Distrust Disaster Recovery

-

The only fully open source, technology agnostic disaster recovery system.

-

While there are solutions offering disaster recovery services, Distrust Disaster Recovery takes a fully transparent and no-compromise approach which is unparalleled in the industry. We challenge you to find someone who has the same level of rigor in eliminating single points of failure and provides visibility into how their systems work.

-
+

Distrust Key Escrow

+

The only fully open source, technology agnostic key escrow service.

Documentation Join Waitlist
-
+
+
+
+ +
+ +

Quick Start

+

If you are ready to protect your data, you can use the wizard which will walk you through the process.

+
+
+
+ +
-

Features

-

Air-Gapped

-

This is meant in the strictest sense, where machines specially provisioned only for managing cryptographic material, which had their radio cards (bluetooth, wifi etc.) removed, and networking capabilities disabled are used in order to always keep the cryptographic material used as the backbone for the system in secure environments.

+

How it Works

-

Agnostic

-

While most disaster recovery systems only support specific digital assets, our solution can be used for backing up any data. This of course includes digital assets, but can also include other sensitive data.

+

Backup

+

1. Generate a recovery key

+

Any kind of key may be used, but recommendations for the type of key to use and how to manage its lifecycle can be found here

-

Open Source

-

You can verify that the process matches or exceeds the desired threat model you are interested in. Of course, one may use the open source documentation to set up their own system as well, which we encourage.

+

2. Define recovery rules.

+

The standardized Distrust Key Escrow policy can be used to set rules for conditions under which the key can reclaimed.

+ +

3. Encrypt data and back it up.

+

The client is responsible for redundantly backing up data. This is to ensure that Distrust Key Escrow has no way to access the data.

-

The Approach

-

Distrust Disaster Recovery has been designed with the utmost care to eliminate single points of failure to ensure that your backups are inaccessible by any single individual, under any circumstances.

- This may seem like a big claim, but all our processes and software are fully open source - so you can verify for yourself. +

Recovery

-

Most, if not all current commercial backup/disaster recovery systems have many single points of failure and sell a service which is simply not suited for many contexts - especially for backing up digital asset wallets.

-

Often times, companies need to ensure that they can recovery data while ensuring that no single party can access it independently. This type of necessity is especially pronounced when dealing with contexts such as blockchains, where we often deal with cryptographic material which is able to move large quantities of digital assets.

+

1. Lose access to your data (oops...)

+

Data loss, even with great controls sometimes isn't fully prevented.

+ +

2. Submit verifiable recovery request.

+

Submit a request to recover the data, which will be checked against the recovery rules.

+ +

3. Your recovery key is returned.

+

The key which is held in escrow by Distrust Key Escrow is re-encrypted to a key provided by the client and released from escrow. This is to ensure that we never have access to your data in plaintext, only the key that you used to encrypt it.

-
+
-
-

We specialize in working with high risk clients.

-

If you protect valuable assets or data, or provide software to others that do, your adversaries will not play fair. We want to help you protect your team and users, and remove single points of failure in your stack.

-
+

Security

+

Reproducible Builds

+

Being able to ensure that all of the software that's used for the QKM system is essential. Learn more about why here

+ +

Full Source Bootstrapped

+

Being able to verify the compiler by bootstrapping it in order to ensure it is not capable of injection malicious code at runtime is an essential part of supply chain security.

+ +

Side Channel Attack Resistance

+

Attacks that are able to exfiltrate data via non standard channels is an important consideration when handling sensitive cryptographic material.

+ +

Cold Key Management

+

Ensuring that the lifecycle of cryptographic material is handled in a fully air-gapped environment helps drastically reduce surface area for attacks.

+ +

Multi Party Access Control

+

Because eliminating single points of failure is an effective way to reduce the likelihood of compromise is a core control mechanism for DKM.

+
-
- +
-
-
- - - -
-
- - - -
-
- - - -
-
-
-
- - - -
-
- - - -
-
- - - -
-
-
-
- - - -
-
- - - -
-
- - - -
-
-
-
- - - -
-
- - - -
-
- - - -
-
-
-
- - - -
-
- - - -
+

The Approach

+

Distrust Key Escrow has been designed with the utmost care to eliminate single points of failure to ensure that your backups are inaccessible by any single individual, under any circumstances.

+

This may seem like a big claim, but all our processes and software are fully open source - so you can verify for yourself. If you still don't trust us, that's okay, you can use our blueprint to set up the QKM system youself - and we invite you to do so. You can find the documentation on how QKM works here

-
- - - -
-
+

Most, if not all current commercial backup/disaster recovery systems have many single points of failure and sell a service which is simply not suited for many contexts - especially for backing up digital asset wallets. The lack of transparency on how their systems work means that you as the end user can't verify whether their approach to security matches your desired threat model, and you are left with blind trust, rather with transparency.

@@ -151,4 +105,4 @@ - \ No newline at end of file +