ARCHISTAR has the aim of developing trustworthy and secure archiving systems for use in storing sensitive information at partially trusted external service providers. ARCHISTAR is based on a distributed structure and the consistent use of cryptographically secure procedures. This combination makes it possible to securely store private information in a storage pool for a long time without violating data integrity or reliability and ensures a high degree of robustness, error tolerance and availability. The data are split into individual parts using secret sharing methods and stored in different storage nodes. A sufficient number of shares is required to read the data. The individual storage node has no information about the data stored in it and thus cannot corrupt the overall system. A storage pool based on the ARCHISTAR principle thus securely protects data against external and internal attacks, unlike most systems that provide protection only against external attacks.


  • A distributed storage system places lower demands on the trustworthiness of individual nodes (data centres, hosters, storage providers, storage clouds).
  • Individual storage nodes cannot read data; neither regular administrators nor (digital) intruders have access to clear text data.
  • Verifiable information theoretic security; even in the long term, attackers have no possibility to decrypt the data as long as only a small number of storage nodes is compromised.
  • The storage nodes are only responsible for availability.
  • There is no direct encryption, i.e. no sophisticated key management required and no total loss of data in the event of key loss.
  • The system can be configured based on the number of storage nodes and the minimum number of shares required for data reconstruction (high reliability and resilience versus high data security).
  • Good scalability and configurability; nodes can be dynamically added or removed even during runtime.
  • Authenticated storage of documents in trusted nodes (e.g. digital will or confidential contracts deposited with “data notaries”).


  • Secret sharing is used to split the original message into n parts; a defined number t of shares is required to reconstruct the original data.
  • The data are distributed between different storage nodes.
  • A minimum of t storage nodes must make their shares available to be able to read the data in clear text.
  • The additional use of integrity checking and error correction procedures serves to identify corrupt nodes.
  • A configuration n>t increases the availability of the overall system as compared to the individual system.
  • Applications in the storage backend of businesses (relatively static configuration with only a few well protected nodes) as well as for end user data (dynamic and strongly distributed solution for the Internet).