Considerations for long-term key storage (paper backup, media for vault storage)?
What about something like Verbatim's Archival Grade Gold DVD-R? It gives 4 GB storage. They claim a life of "up to 100 years" but I find no independent verification. Frankly I'm skeptical. But maybe you can boost your chances by just burning the same data on to multiple disks and hope any failures are uncorrelated? I'd buy disks from different lots or different manufacturers too. The hard part might be ensuring that the drives needed to read these disks are available and functional when the time comes (perhaps beyond your lifetime).
Also look at this new disc technology from Millenniata called M-Disk. They offer an incredible 1000 year life estimate but I'm an eternal skeptic. Caveat Emptor.
If you really want to splurge & the keys you want to store are not too large in size (think MegaBytes and not Terabytes) you could look at Norsam Technology's HD-Rosetta product. They actually use electron beam etching to etch your data on to a metal platter. I suppose that should be archivally very safe. Though I cannot imagine anything more inconvenient to read back. Norsam provides an addressable microscope for automated readbacks. An independent evaluation of the durability done by Los Alamos Labs years ago exists.
Another option is to outsource it to someone like Amazon. Have you looked at their Glacier project? They claim an average annual durability of 99.999999999%. It is targeted specifically for long-term data archival storage.
A fourth option that comes to mind is to not treat the archive as a cold storage, dump and forget but actively manage it? This is speculative but I'd be happy deploying a highly redundant RAID array and then spinning it up on a cycle often enough. Sure, disks will die but you can replace them. Dealing with technology obsolescence would be tricky but could be managed. At least the fact that you can actually read the data, say, at 6 month intervals gives you confidence that the data will actually be accessible when you do want to read it.
A highly non-conventional way of doing this would be rolling out something like Hadoop Distributed File System (HDFS) on existing servers your company already owns & just keep a policy to maintain the system & port the nodes to newer hardware as and when the company grows.
My experience has been that if data isn't being regularly read it gets hard to be sure that it can actually be read when the time comes.
In general I would try to not put all your eggs in one basket. If you have the budget incorporate redundant strategies. Hedge your risks.
A cynical question to ask would be, what's the expected life of your company anyways and is the data expected to be able to outlive the company? If so, you really need either a third party solution (where you trust the third party's ability to survive more than you trust your own company. PS. Who pays for storage once your company is dead?) or a true cold storage solution where the data just continues to reliably live on and on (where would you physically keep the media if your company no longer exists?) irrespective of if the company exists.
@curious_cat has a great answer.
I'm going to add a few other areas, though.
First, what's your budget for this? You need the budget in three areas:
- Capital and operational expenditure for initial start-up
  - buying HD-Rosetta capable addressable microscopes, equipment to etch stone or clay tablets, OCR scanners that can handle stone or clay tablets, etc.
    - multiple times, for geographically redundant sites
  - additional expense for secrecy - if you're storing encryption keys, they should also be protected.
    - this makes outsourcing either reading or writing very difficult over a decades-long timeframe - the new owners of the vendor you used may well have your data, and may not care about your company's privacy, and you may have limited legal leverage, particularly if they're in a different national jurisdiction than the original owners.
- Ongoing operational expenditure
  - Keeping training materials up to date
  - training new employees over decades on procedures they'll only use once
  - regular (no less than annual) random, verifiable test reads
  - adding additional data to the long-term store
  - equipment replacement as time goes on
  - geographical redundancy - as the company changes, adjust your storage sites, as the company may move operations to or from countries or even continents
- End of life expenditure
  - Unless you choose stone or clay tablets, you're going to have to continually transition to new technologies over the years.
  - End of retention for whatever data reaches final end of life probably requires its destruction, which is interesting and fun for stone or clay tablets, but difficult for outsourced storage
    - i.e. how do you get them to purge the data from their own backups?
I'm also interested in the practicalities of paper backup, in particular tools that allow adding error-detection and error-correction capabilities similar to what RAR does for archives (i.e. dial-your-desired-security), and perhaps encodings that are more efficient and/or robust in the face of OCR than, say, base64.
Have you considered combining paper storage with machine readable data? I am thinking encode the key data on the paper not only as human readable printed text (as a last resort) but also in a "machine readable" format so it can be easily re-imported without having to either trust OCR or type each and every character and hope you get it right. Something like (depending on your key size of course) QR codes (they can take up to 2,953 bytes of data in each QR code).
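An added example, not code from any of the posts above, of a printable encoding for the paper backup being discussed: Crockford base32 (which drops the look-alike letters I, L, O and U that make base64 fragile under OCR) with a position field and a CRC-16 on every line, so a misread is detected and pinned to one line. The line layout, function names and sample key are assumptions made for illustration; it performs error detection only, not correction.

```python
import binascii

# Crockford base32: no I, L, O or U, so fewer look-alike glyphs than base64.
ALPHABET = "0123456789ABCDEFGHJKMNPQRSTVWXYZ"
# Glyphs that OCR or a typist commonly confuses are folded back on decode.
CONFUSABLE = str.maketrans({"O": "0", "I": "1", "L": "1"})
CHUNK = 10  # bytes per printed line -> exactly 16 base32 symbols

def b32_encode(data: bytes) -> str:
    bits = "".join(f"{b:08b}" for b in data)
    bits += "0" * (-len(bits) % 5)  # pad to a whole symbol
    return "".join(ALPHABET[int(bits[i:i + 5], 2)] for i in range(0, len(bits), 5))

def b32_decode(text: str) -> bytes:
    # ALPHABET.index raises ValueError on a glyph outside the alphabet.
    bits = "".join(f"{ALPHABET.index(c):05b}" for c in text)
    return bytes(int(bits[i:i + 8], 2) for i in range(0, len(text) * 5 // 8 * 8, 8))

def line_check(i: int, total: int, chunk: bytes) -> str:
    # CRC-16/CCITT over position + data, printed as 4 symbols.
    crc = binascii.crc_hqx(bytes([i, total]) + chunk, 0xFFFF)
    return "".join(ALPHABET[(crc >> s) & 31] for s in (15, 10, 5, 0))

def to_paper(key: bytes) -> list[str]:
    chunks = [key[i:i + CHUNK] for i in range(0, len(key), CHUNK)]
    total = len(chunks)
    return [f"{i:02d}/{total:02d} {b32_encode(c)} {line_check(i, total, c)}"
            for i, c in enumerate(chunks, 1)]

def from_paper(lines: list[str]):
    """Return (key, bad_line_numbers); key is None if any line fails its check."""
    chunks, bad = [], []
    for n, line in enumerate(lines, 1):
        try:
            pos, payload, check = line.upper().translate(CONFUSABLE).split()
            i, total = map(int, pos.split("/"))
            chunk = b32_decode(payload)
            ok = (i, total) == (n, len(lines)) and line_check(i, total, chunk) == check
        except ValueError:  # wrong field count, bad number or bad glyph
            ok = False
        if ok:
            chunks.append(chunk)
        else:
            bad.append(n)
    return (None if bad else b"".join(chunks)), bad

# Constructed sample: a 32-byte value standing in for a key (not a real secret).
SAMPLE_KEY = bytes(range(32))
```

Because the line count is part of every position field, a sheet with a line missing from the end fails as a whole rather than yielding a silently truncated key.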