Increasing Security with Blockchain Database Encryption via PegaSys Plus

In the run-up to launching the PegaSys Plus Ethereum client, the PegaSys team explains why enterprises need data encryption

Worldwide Information security is expected to reach $124 billion in 2019. The smallest data leak can be devastating to any organization’s credibility, trust, and eventually the bottom line. Securing your blockchain data is no different and is a must when storing any sensitive data that you wouldn’t want publicly accessible.

One of the core tenets of blockchain technology is a tamper-proof store of data — one that cannot be changed, deleted, or modified. The application of this simple, yet profound development has spurred a revolution across all industries and public domains and is gathering momentum every day.

Blockchain Database Encryption

What about data privacy and security? Sure, no one can change data once it’s on the blockchain, but what if I didn’t want anyone to read the data? In a public blockchain, you either use it to your advantage by only storing data or hashes of data that you don’t mind being public, or use cryptography, such as zero-knowledge proofs, so that the data is only decryptable by known parties. The final option is to use private enclaves to segment and isolate the data.

But what if your use case requires you to securely store that data, and only share need-to-know information with your peers on a consortium chain? With Hyperledger Besu’s privacy and permissioning features, you can make sure the data is only viewable by those that are meant to receive it. However, all of this implies your infrastructure has bulletproof security that will never be compromised.

Data at rest encryption is the ability to secure the privacy and confidentiality of the blockchain data stored on the database, by encrypting it with a predefined key, that is sufficiently complex, and is stored securely elsewhere. This means if the database was to be “spied” on, without the decryption key, the contents of the database would be meaningless to the viewer.

Increased Security via PegaSys Plus

PegaSys Plus, the commercially licensed Ethereum platform by PegaSys, will be releasing PegaSys Plus on October 22. The release will feature configurations for additional security so that your data remains inaccessible when at rest.

The database encryption plugin, exclusive to PegaSys Plus, offers peace of mind by knowing that if ever your infrastructure security was to fail and your data was exposed, the blockchain data stored on the database would be secured and not decipherable by the attacker. Simply put, the confidentiality of your data is maintained.

Support for using both a simple key file or integration with vault systems is provided by PegaSys Plus, giving projects the flexibility to use mechanisms most suited to their needs depending on the stage of the project lifecycle. For production use cases, we highly recommend the use of strong key vaults such as Hashicorp that we provide native support for, to ensure the integrity of decrypt keys is maintained.

PegaSys is committed to pushing the boundaries of Distributed Ledger Technology, whilst meeting the highly complex and demanding requirements of the enterprise systems, bringing together both worlds to ensure the growth and broader adoption of Ethereum and blockchain technology.

PegaSys Plus will be released on October 22, 2019.

For more about increased security in PegaSys Plus, as well as its other features, join our upcoming webinar.

Interested in learning more about how you can ensure compliance of data security policies and reduce the risk of attack with our commercially licensed offering? Reach out to us here.