BRU Encryption Module

The BRU Encryption Module add-on* encrypts archives as they are created. Unlike the existing end-to-end encryption, archives remain encrypted while on tape or stage disk. Encrypted archives are not compatible with older versions of BRU, which will report an empty archive.

The BRU Encryption Module uses the high-speed Phelix cipher developed by Whiting, Schneier, Lucks and Muller. Phelix includes a fused MAC (Message Authentication Code) that is used to confirm archive integrity. TOLIS Group uses the original x86 assembler implementation and has additionally implemented Phelix for x86_64 and PowerPC processors, donating these implementations to the public domain.

The throughput of the x86_64 implementation was measured at 2.6 cycles per byte, or an astounding 384 megabytes per second on a 1 GHz machine. Typical AES implementations encrypt at 50 megabytes per second. Because modern tape drives, networks and disk file systems have throughputs of ten to a hundred megabytes per second, encryption can easily account for a substantial part of the time a backup takes at these speeds.

Technical Description

Although Phelix is a symmetric stream cipher, using the same key for encryption and decryption, the Phelix key is itself protected by an Elliptic Curve Integrated Encryption System (ECIES), using the standard FIPS-186 P-256 elliptic curve. A user-supplied passphrase generates a public/private key pair: the public key for encryption and the private key for decryption. At archive creation time, a cryptographically secure random number is chosen for the Phelix key and is stored encrypted in the archive itself, so the private decryption key is required to recover it.

*The BRU Encryption Module is not available for BRU Desktop.