WO2024013363A1 - A system for long term data archiving in the internet - Google Patents

Publication number
WO2024013363A1
Authority
WO
WIPO (PCT)
Prior art keywords
archive
key
fleet
expiring
user
Application number
PCT/EP2023/069615
Inventor
Arne STEINGRÄBER
Original Assignee
Anytangle Ug
Priority claimed from DE102022117713.0A (DE102022117713A1)
Priority claimed from DE102023103180.5A (DE102023103180A1)
Application filed by Anytangle Ug
Publication of WO2024013363A1

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00: Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10: File systems; File servers
    • G06F16/11: File system administration, e.g. details of archiving or snapshots
    • G06F16/113: Details of archiving

Definitions

  • data with a retention period of up to 50 years or more requires an archiving system that ensures secure access to the data content until the retention period has expired.
  • the first two methods are cumbersome and expensive, and generally unavailable to the average user.
  • the last method requires data to be shared with third parties, which entails an increased requirement for secure storage and access of data over a long period of time.
  • Providers of centralized cloud storage make copies of the data and store the copied data in different data centers for safety reasons.
  • the large amount of data that is duplicated in this process generates costs and requires reliable handling of access rights.
  • Blockchain storage is another approach of saving data, which is based on a decentralized network. It utilizes the unused hard disk space of users across the world to store files.
  • the decentralized infrastructure is an alternative to centralized cloud storage.
  • the Blockchain relies on distributed ledger technology (DLT).
  • DLT acts as a decentralized database of information about transactions between various parties. Operations fill the DLT in chronological order and are stored in a ledger as a series of blocks. An interconnected chain is formed between blocks with each one referring to the block before it, thus creating a blockchain. The interactions are recorded in the blockchain ledger, allowing the system to confirm and synchronize the transactions across so-called nodes in the blockchain. This kind of storage is designed to save these interactions forever, where stored data can never be changed or manipulated.
  • An object of the present invention is therefore to provide an improved system for long term electronic data archiving.
  • a system for long term data archiving in the internet comprises a user device connected to the internet for managing and for encrypting/decrypting user data to be stored in an internet archive by an expiring archive key, an archival backend connected to the internet for transceiving encrypted user data to/from the user device and for buffering the encrypted user data to be temporarily stored in the internet archive in a cloud storage, a blockchain gateway connected to the internet for transceiving encrypted user data from the archival backend and for writing/reading the encrypted user data to be stored in the internet archive into/from a blockchain in a plurality of nodes using a distributed ledger technology, and a fleet of fleet devices each connected to the internet for controlling decryptability of the archived encrypted user data by means of key sharding of the expiring archive key.
  • the fleet of fleet devices is adapted to delete respective archive key shards after expiry of the archive key.
  • This time-based encryption of the data makes it possible to prevent access to the data after the archive key expires, even though the data is permanently stored in the block chain.
  • this mechanism in combination with the blockchain enables an “expiring permanence” of stored data.
  • Security on data access is guaranteed by the key sharding, which distributes parts or shards obtained from the expiring archive key to the fleet devices included in the system. After expiry of the archive key all its shards are deleted by the respective fleet devices ensuring that the data cannot be accessed anymore.
  • This concept allows using blockchain storage even for data having a specific expiry date.
  • the user device may generate an archive key from random entropy to encrypt user data having the specific expiry date and allocating the expiry date to the archive key. It may also asymmetrically encrypt the expiring archive key by an encryption key of the user. Furthermore, the user device may shard the encrypted expiring archive key to the fleet of fleet devices, and it may store the encrypted expiring archive key locally.
  • the expiring archive key may be sharded by the user device onto the fleet of fleet devices by using Shamir Secret Sharing.
  • This key sharding or sharing is based on polynomial interpolation.
  • the expiring archive key may be split into multiple parts, called shares or shards, which individually do not give any information about the key.
  • To unlock the expiring archive key a minimum number of shares or shards are needed. An adversary who discovers any number of shares or shards less than the required one will not have any additional information about the secured key. This mechanism may provide a high level of secrecy.
  • Each of the user devices being part of the fleet of fleet devices may receive a respective encrypted expiring archive key shard from a dealing user device and the allocated expiry date of the archive key when an archive is created. Furthermore, the encrypted expiring archive key shard and the allocated expiry date may be written into a local database. Moreover, each of the user devices being part of the fleet of fleet devices may check for expired own archives and delete its locally stored encrypted expiring archive keys if they should be expired. In addition, they may check if the encrypted expiring archive key shards in the local database are past their retention period and delete them if they should be expired. Moreover, they may update an archive’s retention policy by gossiping a message signed with a user’s system private key to the fleet of fleet devices to make the change.
  • the user device when archiving data in the blockchain, may optionally compress user data to be archived. It may symmetrically encrypt user data to be archived by the expiring archive key. Moreover, the encrypted user data may be transformed into a blockchain specific data item format for bundling the encrypted user data on the user device to form a user data item. The user device may then send, via the internet, the user data item to the archival backend.
  • the archival backend may, when archiving data in the blockchain, temporarily store user data items received from the user device into the cloud storage. It may further bundle user data items to be archived in the blockchain as individual transactions. Following this, it may send the transactions to the blockchain gateway to be written onto the blockchain.
  • the data items may thus be buffered or temporarily stored in the cloud storage to accumulate said items before archiving them in the blockchain, which improves the data transfer.
  • the user device may receive, from the archival backend, a user specific subscription API key. It may generate a system private key and an encryption key from a random mnemonic for future recovery. And it may register the user device to the archival backend.
  • the user device may restore its expiring archive key if it is lost or not stored locally as long as it is not expired.
  • the user device may receive a user specific subscription API key and mnemonic. It may generate a system private key and an encryption key from the provided mnemonic. Furthermore, it may access an archived file system hierarchy via the backend gateway. It may then retrieve encrypted expiring archive key shards from the fleet of fleet devices. Thus, via the key sharding a user of the user device may recover the expiring archive key from its shards stored on the fleet of fleet devices, if they are not expired.
  • The above object is also solved by a computer-implemented method for long term data archiving in the internet.
  • the method comprises managing and encrypting/decrypting user data by an expiring archive key to be stored in an internet archive, by a user device connected to the internet, transceiving encrypted user data to/from the user device and buffering the encrypted user data to be stored temporarily in the internet archive in a cloud storage, by an archival backend connected to the internet, transceiving encrypted user data from the archival backend for writing/reading the encrypted user data to be stored in the internet archive into/from a blockchain in a plurality of nodes using a distributed ledger technology, by a blockchain gateway connected to the internet, and controlling decryptability of the archived encrypted user data by means of key sharding of the expiring archive key, by a fleet of fleet devices each connected to the internet.
  • the fleet of fleet devices deletes respective expiring archive key shards after expiry of the archive key.
  • the method may further comprise generating an archive key from random entropy to encrypt user data having a specific expiry date and allocating the expiry date to the archive key, asymmetrically encrypting the expiring archive key by an encryption key of the user, sharding the encrypted expiring archive key to the fleet of fleet devices, and storing the encrypted expiring archive key locally. Said steps may be performed by the user device.
  • the encrypted expiring archive key may be sharded by the user device onto the fleet of fleet devices by using Shamir Secret Sharing.
  • the method may further comprise receiving a respective encrypted expiring archive key shard from a dealing user device and the allocated expiry date of the archive key when an archive is created, writing the encrypted expiring archive key shard and the allocated expiry date into a local database, checking for expired archives and deleting locally stored encrypted expiring archive keys if they should be expired, checking if the encrypted expiring archive key shards in the local database are past their retention period and deleting them if they should be expired, and updating an archive’s retention policy by gossiping a message signed with a user’s system private key to the fleet of fleet devices to make the change. Said steps may be performed by each of the user devices being part of the fleet of fleet devices.
  • the method may further comprise optionally compressing user data to be archived, symmetrically encrypting user data to be archived by the expiring archive key, transforming the encrypted user data into a blockchain specific data item format for bundling the encrypted user data on the user device to form a user data item, and sending, via the internet, the user data item to the archival backend. Said steps may be performed by the user device.
  • Fig. 1 is a schematic diagram illustrating a system for long term data archiving in the internet according to embodiments.
  • Fig. 2 is a schematic diagram illustrating data communications between components of the system according to embodiments.
  • Fig. 3 is a schematic diagram illustrating a method for long term data archiving in the internet according to embodiments.

Detailed Description

  • Fig. 1 is a schematic diagram illustrating a system 100 for long term data archiving in the internet according to embodiments.
  • the system 100 comprises a user device 10, an archival backend 16, a blockchain gateway 18, a blockchain 20, and a fleet of fleet devices 10.
  • the blockchain 20 is a peer-to-peer distributed ledger (not shown in Fig. 1) in which blocks are linked and secured using a cryptographic hash.
  • the blocks are write-only data structures with no administrative permissions for editing or deleting of data.
  • Each block is composed of transaction data along with a timestamp, the cryptographic hash of the previous block and a random number used to verify the hash.
  • the blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently.
  • the fleet of fleet devices 10 comprises the user device 10 and may include further devices 10.
  • Fig. 1 illustrates four user devices 10 or fleet devices 10. However, a different number is possible.
  • the user device 10 is connected to the internet for managing and for encrypting/decrypting user data by an expiring archive key EAK, which regulates the temporary access to the encrypted user data as described in more detail later on.
  • the encrypted user data is to be stored in an internet archive 12, which is representative for a data structure used for storing digital data such as a file system.
  • the user device 10 may send encrypted user data to be stored to the archival backend 16 or may receive encrypted user data from the archival backend 16 as indicated by an arrow in Fig. 1.
  • the archival backend 16 is also connected to the internet for transceiving encrypted user data to/from the user device 10 and for buffering the encrypted user data to be temporarily stored in the internet archive 12 in the cloud storage 14. This exchange is also indicated by a corresponding arrow in Fig. 1. Temporarily storing the encrypted user data may allow accumulating the encrypted user data, which is then transferred as a data bundle in form of a transaction to the blockchain 20 for storage, or to the user device 10 requesting the data.
  • the blockchain gateway 18 is connected to the internet for transceiving encrypted user data from the archival backend 16 and for writing/reading the encrypted user data to be stored in the internet archive 12 into/from the blockchain 20 in a plurality of nodes using a distributed ledger technology as mentioned above.
  • the distributed ledger is spread across several nodes on a peer-to-peer network, where each node replicates and saves an identical copy of the ledger and updates itself independently. This alleviates the need of a central authority.
  • each node constructs a new transaction, and then the nodes vote by consensus algorithm on which copy is correct. Once a consensus has been determined, all the other nodes update themselves with the new, correct copy of the ledger. Security is accomplished through cryptographic keys and signatures.
  • a node may be a physical server with one or more hard-disk drives (HDDs) or solid-state drives.
  • the internet archive 12 may reside in the distributed ledger of the blockchain 20, where the encrypted user data may be archived as a transaction updated across dozens of individual decentralized nodes serving as data stores (not shown in Fig. 1).
  • each one within the fleet of fleet devices 10 is connected to the internet for controlling decryptability of the archived user data by means of key sharding of the expiring archive key EAK.
  • the expiring archive key EAK may be sharded (or split) into respective expiring archive key shards EAKS (or key parts) as shown in a simplified manner in Fig. 1.
  • Each of the fleet devices 10 may receive an expiring archive key shard EAKS of the expiring archive key EAK.
  • the fleet of fleet devices 10 deletes respective expiring archive key shards EAKS after expiry of the archive key EAK. This ensures that, despite the permanent storage of the encrypted user data in the blockchain 20, it can no longer be retrieved by the user device 10. Thus, it allows using the blockchain 20 as data storage with “expiring permanence.” In other words, it enables storing encrypted user data with an expiry date in the blockchain 20.
  • key sharding provides an efficient key management that is secure from hacker attacks and user-friendly.
  • the user device 10 may create the expiring archive key EAK as follows. First, an archive key from random entropy may be generated to encrypt user data having a specific expiry date. Random entropy is commonly known as the randomness collected by an operating system or application for use in cryptography and is collected from hardware sources or randomness generators. The expiry date may then be allocated to the archive key. Next, the expiring archive key EAK may be asymmetrically encrypted by an encryption key of the user. It may be stored locally on the user device 10. However, in another embodiment, the user device 10 may not store the expiring archive key EAK locally, but delete the same after the sharding process.
  • the step of checking for expired own archives 12 and deleting the locally stored encrypted expiring archive keys EAK, if they should be expired, need not be executed by the user device 10.
  • the encrypted expiring archive key EAK may be sharded to the fleet of fleet devices 10, as shown in Fig. 1.
  • Shamir’s Secret Sharing scheme is an algorithm that allows for information to be broken into many shares (or shards), while only requiring a fraction of those shares (or shards) to reconstruct an original secret. That is, it requires a minimum number of shares referred to as the threshold to reconstruct the original secret. If there is anything less than the threshold, the secret cannot be reconstructed, thus making Shamir’s Secret Sharing secure against an adversary such as a malicious attacker.
  • Shamir’s Secret Sharing scheme relies on polynomial interpolation.
  • Each of the user devices 10 being part of the fleet of fleet devices 10 as described above may receive a respective encrypted expiring archive key shard EAKS from a dealing user device 10 and the allocated expiry date of the archive key when an archive 12 is created.
  • Each of the user devices 10 that receives an expiring archive key shard EAKS and the allocated expiry date may store those into a local database.
  • the user devices 10 may check for expired own archives 12 and delete their locally stored encrypted expiring archive keys EAK if they should be expired.
  • they may check if the encrypted expiring archive key shards EAKS in the local database are past their retention period and delete them if they should be expired. They further may update an archive’s 12 retention policy by gossiping a message signed with a user’s system private key to the fleet of fleet devices 10 to make the change.
  • the user devices 10 may periodically check whether locally stored expiring archive key shards EAKS are no longer valid, and if that is the case, delete them accordingly. Via said procedure access to encrypted user data may be regulated. For example, the dealing user device 10 may not be able to reconstruct its expiring archive key EAK through the key shards EAKS after their expiry. Also, expiring archive keys EAK that are stored locally may be deleted by the respective user devices 10 after their expiry. In addition, updating a policy may be easily achieved by sending a message that contains a user’s system private key.
  • a corresponding message is provided to the fleet of fleet devices 10 indicating a new expiry date of corresponding expiring archive key shard EAKS identified via the user’s system private key.
  • the user device 10 may, when archiving data in the internet archive 12, optionally compress user data to be archived. It may further symmetrically encrypt user data to be archived by the expiring archive key EAK. Furthermore, it may transform the encrypted user data into a blockchain specific data item format for bundling the encrypted user data on the user device 10 to form a user data item. It may then send the user data item to the archival backend 16 via the internet.
  • FIG. 2 illustrates data communications between components of the system 100 according to embodiments.
  • the user device 10 may send the user data item to the archival backend 16, which is illustrated by arrow 1.
  • the archival backend 16 may then temporarily store user data items received from the user device 10 into the cloud storage 14 illustrated in Fig. 2. It may retrieve accumulated user data items from the cloud storage 14 and may bundle these items to be archived in the blockchain 20 as individual transactions. These transactions may then be sent to the blockchain gateway 18 to be written onto the blockchain 20.
  • This exchange of signals shown as arrows 2, 3, 4 in Fig. 2 may be periodically repeated as a loop L1 for archiving encrypted user data. In one example, it may be repeated every thirty minutes.
  • a data item bundle transaction confirmation count may be requested from the archival backend 16 and received from the blockchain gateway 18 and the blockchain 20, which is indicated by dotted arrows 5, 6.
  • the archival backend 16 may then send to the user device 10 a confirmation that the data item bundle transaction is confirmed and that the file is archived as illustrated by dotted arrow 7.
  • the user device may receive, from the archival backend 16, a user specific subscription API key. It may generate a system private key and an encryption key from a random mnemonic for future recovery. In addition, the user device 10 may register to the archival backend 16.
  • the user device 10 may receive, after registering, additional information from the archival backend 16 regarding the other user devices 10 or fleet devices 10 (not shown in Figs. 1 and 2). This may enable an efficient communication between the user devices 10 or fleet devices 10 for exchanging key shards EAKS. Moreover, only authenticated and authorized user devices 10 may participate, which further increases the security of the system 100.
  • the mnemonic may be a seed phrase made up of twelve, eighteen, or twenty four words that may be used to generate the system private key and the encryption key.
  • the mnemonic may be used to restore or regenerate said keys in case they are lost by the user device 10 or not stored locally on the user device 10.
  • the user device 10 may receive a user specific subscription API key and mnemonic. It may then generate a system private key and an encryption key from the provided mnemonic to access an archived file system hierarchy via the blockchain gateway 18, in case the stored encrypted user data is not expired. And it may retrieve the encrypted expiring archive key shards EAKS from the fleet of fleet devices 10, if they are not expired. Using the encryption key it may then decrypt the respective key shards EAKS to restore or reconstruct the archive key for accessing the user data.
  • Fig. 3 is a schematic diagram illustrating a computer-implemented method for long term data archiving in the internet according to embodiments.
  • user data to be stored in the internet archive 12 is managed and encrypted/decrypted by the user device 10 connected to the internet via the expiring archive key EAK.
  • encrypted user data is transceived to/from the user device 10 to be buffered and stored temporarily in the internet archive 12 in the cloud storage 14 by the archival backend 16 connected to the internet.
  • encrypted user data is transceived from the archival backend 16 for writing/reading the encrypted user data to be stored in the internet archive 12 into/from the blockchain 20 in a plurality of nodes using a distributed ledger technology by the blockchain gateway 18 connected to the internet.
  • the fleet of fleet devices 10 deletes the respective expiring archive key shards EAKS after expiry of the expiring archive key EAK.
  • the expiring archive key EAK used to encrypt user data having a specific expiry date may be generated by the user device 10 from random entropy. The expiry date may then be allocated to the archive key, which may result in the expiring archive key EAK.
  • the expiring archive key EAK may be asymmetrically encrypted by an encryption key of the user.
  • the encrypted expiring archive key EAK may be stored locally in the user device 10, which may shard the encrypted expiring archive key EAK to the fleet of fleet devices 10.
  • the user device 10 may not store the expiring archive key EAK locally.
  • the encrypted expiring archive key EAK may be sharded by the user device 10 onto the fleet of fleet devices 10 by using Shamir Secret Sharing.
  • data retention and policy handling may be performed as follows.
  • a respective encrypted expiring archive key shard EAKS and the allocated expiry date of the archive key may be received from a dealing user device 10 by the user devices 10 being part of the fleet of fleet devices 10 when an archive 12 is created.
  • the encrypted expiring archive key shard EAKS and the allocated expiry date may be written into a local database of the user devices 10.
  • archives 12 of the user devices 10 may be checked and locally stored encrypted expiring archive keys EAK may be deleted, if they should be expired.
  • the encrypted expiring archive key shards EAKS in the local database of the user devices 10 may be checked if they are past their retention period and deleted, if they should be expired.
  • an archive’s 12 retention policy is updated within the user devices 10 by gossiping a message signed with a respective user’s system private key to the user devices 10 to make the change.
  • the user data may be optionally compressed by the user device 10.
  • the user device 10 may then send the user data item via the internet to the archival backend 16.
  • the user data items may be received from the user device 10 and temporarily stored into the cloud storage 14 by the archival backend 16.
  • the archival backend 16 may bundle the user data items to be archived in the blockchain 20 as individual transactions, and send these transactions to the blockchain gateway 18 to be written onto the blockchain 20.
  • a computer program product comprising instructions which, when the program is executed by a computer, cause the computer to carry out the method as described above.
  • computer-readable storage medium comprising instructions which, when executed by a computer, cause the computer to carry out the method as described above.
  • the expiry date is a predetermined date which may be set by the user. It can be a directly defined date or it can be also defined by a predetermined period starting from a specific starting date (like the death date of an author of copyrightable works or the date of creation of a document or the date of the upload into the blockchain). This predetermined period may be in a range between 1 day and 10000 years, or between 1 day and 1000 years, or between 1 day and 100 years. This predetermined period may be shorter than 100000 years, or shorter than 10000 years, or shorter than 1000 years, or shorter than 100 years.
  • This predetermined period may be longer than 1 day, or longer than 1 week, or longer than 1 year, or longer than 10 years, or longer than 20 years, or longer than 30 years, or longer than 40 years, or longer than 50 years, but shorter than 1000 years.
  • the digital archiving system as claimed by the present invention fully complies with these legal requirements.
  • the invention is suitable for the following use cases, among others:
  • the system 100 for long term data archiving in the internet may correspond to a system 100 for preservation of copyrightable digital works, such as photographs and/or sound recordings.
  • the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a designer and/or an artist and/or his heirs.
  • the fleet of fleet devices 10 may correspond to a decentralized or web3.0 social media community, in which copyrightable digital works of artists, designers, musicians, writers, in general all kind of authors of copyrightable works can share freely and/or give a licence for and/or take a licence for a download process of the encrypted copyrightable content.
  • the fleet of fleet devices 10 is thus comparable to a decentralized closed internet or web3.0 user group, wherein access to data is only possible for group members and wherein deletion of data by a third party is not possible but only allowed to the creator or author of copyrightable works or his heirs or his assignee or his heirs at law.
  • the data to be stored in the internet archive 12 may correspond to license contracts of the author with third parties related to the copyrightable digital works and/or the copyrightable digital work itself.
  • the archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data.
  • the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS.
  • the blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently.
  • the method 1000 may thus comprise a further step 140 of transmitting decrypted user data from the archival backend 16 for writing the decrypted user data to be stored in the internet archive 12 into the blockchain 20 in a plurality of nodes using a distributed ledger technology, by a blockchain gateway 18 connected to the internet, to provide free and eternal digital access to formerly copyrightable digital works being in the public domain after expiry of a legal period of copyright protection.
  • the invention's ability to store data permanently and unalterably in a decentralized manner makes it suitable for archiving documentation that would be at risk of being blocked or deleted from conventional servers, e.g. in other parts of the world. Access to the invention's data storage cannot be blocked due to its distributed architecture, and destruction of the data can only be carried out by its owner.
  • the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving documentation that would be at risk of being blocked or deleted from conventional servers.
  • the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a foundation and/or human rights organization and/or of an opposition member living in a rogue state.
  • the fleet of fleet devices 10 may correspond to a decentralized or web3.0 internet community, in which whistle blowers, political opponents, resistance fighters in rogue states can share highly relevant political content or explosive political issues for a download process of the encrypted critical political content.
  • the fleet of fleet devices 10 is thus comparable to a decentralized closed internet or web3.0 user group, wherein access to data is only possible for group members (political opponents) and wherein deletion of critical data by a third party such as the government of a rogue state is not possible but only allowed to the creator or author of the critical data or his heirs or his assignee or his heirs at law.
  • the data to be stored in the internet archive 12 may correspond thus to information to be freely spread without the risk of being blocked by censorship.
  • the archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above critical data.
  • the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS.
  • the blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently.
  • the expiration date may be set to be a period between 1 day (if the access to this data should be very restricted) up to 1000 years (if the information is intended to be accessible for anyone due to spread of this information by group members living in a free country and sharing the decrypted critical data to everyone and/or by publication in the internet).
  • the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving a combination of a printed publication and additional digital content.
  • the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a reader and/or a publishing company.
  • the fleet of fleet devices 10 may correspond to a decentralized or web3.0 internet community, in which publishers can share freely and/or give a licence for and/or take a licence for a download process of the additional digital content of artists, designers, musicians, writers, in general all kind of authors of additional digital content.
  • the fleet of fleet devices 10 is thus comparable to a decentralized closed internet or web3.0 user group, wherein access to additional digital content is only possible for group members and wherein deletion of data by a third party is not possible but only allowed to the creator or author of additional digital content.
  • the data to be stored in the internet archive 12 may correspond to the above additional digital content.
  • the archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data.
  • the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS.
  • the blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently.
  • the expiration date of the expiring archive key may be a date determined by the reader and/or the publishing company.
  • the expiration date of the expiring archive key may be 70 years after the author's death. It is, in any case, very important that the critical data stays deletable by the publisher in case there are legitimate interests due to, for example, invasion of personal privacy, to delete respective digital content stored in the blockchain.
  • the system 100 for long term data archiving in the internet may correspond to a system 100 for providing a digital safe deposit box.
  • the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box and/or a client’s terminal of a bank and/or a bank customer.
  • the fleet of fleet devices 10 may correspond to a decentralized closed internet or web3.0 bank customer group, wherein access to their own digital safe deposit box is only possible for respective group members and wherein deletion of digital safe deposit box data by a third party is not possible but only allowed to the creator or author of digital safe deposit box data.
  • the data to be stored in the internet archive 12 may correspond to the above digital valuables.
  • the archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data.
  • the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS.
  • the blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently.
  • the expiration date of the expiring archive key may be the end of the rental period (e.g. 50 years) of the digital safe deposit box.
  • the system 100 for long term data archiving in the internet may correspond to a system 100 for providing temporary software downloads that are of trusted origin as well as guaranteed to be genuine.
  • the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box and/or a client’s terminal of a software company or a company.
  • the data to be stored in the internet archive 12 may correspond to the above software to be downloaded.
  • the archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data.
  • the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS.
  • the blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently.
  • the system 100 for long term data archiving in the internet may correspond to a system 100 for providing isolated private storage environment.
  • the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of an organization or a company.
  • the data to be stored in the internet archive 12 may correspond to the above confidential data or trade secrets.
  • the archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data.
  • the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS.
  • the blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently.
  • the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving scientific publications.
  • the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a scientist and/or a scientific publishing company such as “Nature” or “Science” or a University and/or an R&D- department of a company.
  • the data to be stored in the internet archive 12 may correspond to the above scientific publications.
  • the archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data.
  • the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS.
  • the blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently.
  • the expiration date of the expiring archive key may be 70 years after the author's death. All features of the above mentioned authors of copyrightable works are also applicable to this embodiment.
  • the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving digital private data.
  • the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a private person.
  • the data to be stored in the internet archive 12 may correspond to the above digital private data.
  • the archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data.
  • the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS.
  • the blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently.
  • Since the day of death of the user is not predictable by the user, the day of death should be understood as a day on which an authorized party or heirs upload an authorization to set an expiration date in representation of the dead user.
  • the expiration date of the expiring archive key may be also 70 years after the author's death. All features of the above mentioned authors of copyrightable works are also applicable to this embodiment.
  • the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving media data, in particular high-resolution digital copy of music to be downloaded.
  • the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a user and/or an artist and/or a media company.
  • the data to be stored in the internet archive 12 may correspond to the above media data.
  • the archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data.
  • the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS.
  • the blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently.
  • the expiration date of the expiring archive key may be expiry of a term of copyright protection or a date set by the media company and/or the artist.
  • the expiration date of the expiring archive key may be also 70 years after the author's death. All features of the above mentioned authors of copyrightable works are also applicable to this embodiment.
  • the system 100 for long term data archiving in the internet may correspond to a system 100 for document destruction.
  • the method 1000 may include further steps of collecting customers' paper documents during the retention period, scanning the documents, and storing the scanned documents data as data to be stored according to the method 1000.
  • the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a customer or a document destruction company.
  • the data to be stored in the internet archive 12 may correspond to the above scanned document data.
  • the archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data.
  • the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS.
  • the blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently.
  • the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving confidential health data.
  • the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a patient and/or a physician and/or a hospital and/or a medical center.
  • the data to be stored in the internet archive 12 may correspond to the above confidential health data of a patient.
  • the archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data.
  • the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS.
  • the blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently.
  • the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving legal or legislation data and/or publications.
  • the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a citizen and/or a governmental organization and/or an administration.
  • the data to be stored in the internet archive 12 may correspond to the above legal or legislation data.
  • the archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data.
  • the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS.
  • the blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently.
  • the expiration date of the expiring archive key may be 18 months after the application date, i.e. the publication date of a patent application. All features of the above mentioned authors of copyrightable works are also applicable to this embodiment, except the period of 18 months and access to the application documents being limited to the applicant and the patent office before the publication date. After the publication date, the publication documents are decrypted and freely accessible on the blockchain.
  • the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving refugee’s or internally displaced person’s identity information and education certificates and/or crypto asset donation data linked to the ID and/or CV of the beneficiary customer.
  • the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a beneficiary customer and/or of a refugee and/or of an internally displaced person and/or of a Humanitarian aid Organization and/or of a NGO Office and/or of a Charity Organization, and/or of a blockchain node provider hosting a Decentralized Charity Organization being a Decentralized Autonomous Organization, DAO.
  • the data to be stored in the internet archive 12 may correspond to the above refugee’s or internally displaced person’s identity, ID, and/or curriculum vitae, CV, data such as educational certificates or testimonials, and/or crypto asset or FIAT donation data.
  • the archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data.
  • the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS.
  • the blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently.
  • the day of death should be understood as a day on which an authorized party or heirs uploads an authorization or certificate of death of the user to set an expiration date in representation of the dead user.
  • the day of death may be also defined as a date after which a dead man’s handle has not been triggered by the user (for example access to the blockchain or visiting/log in to the user device) for a defined period between 1 day and 70 years.
  • the expiration date of the expiring archive key may be also 70 years after the author's death. All features of the above mentioned authors of copyrightable works are also applicable to this embodiment.
  • the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving contracts and/or insurance policies.
  • the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a contracting party and/or of an insurance company and/or of a reinsurance company.
  • the data to be stored in the internet archive 12 may correspond to the above contracts and/or insurance policies.
  • the archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data.
  • the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS.
  • the blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently.
  • the expiration date of the expiring archive key may be a date determined by the contracting parties or the contract termination date.
  • the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving register data or legal documents.
  • the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a law firm and/or a lawyer and/or a notary and/or an architect.
  • the data to be stored in the internet archive 12 may correspond to the above register data or legal documents such as patents, building plans, court judgments, property documents, shareholder agreements and personnel files.
  • the archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data.
  • the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS.
  • the blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently.
  • the expiration date of the expiring archive key may be the end of the legal retention period. The period may be, for example, 100 years.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention is related to a system (100) for long term data archiving in the internet, comprising a user device (10) connected to the internet for managing and for encrypting/decrypting user data by an expiring archive key (EAK); an archival backend (16) connected to the internet for transceiving encrypted user data to/from the user device (10) and for buffering the encrypted user data in a cloud storage (14); a blockchain gateway (18) connected to the internet for transceiving encrypted user data from the archival backend (16) and for writing/reading the encrypted user data into/from a blockchain (20) in a plurality of nodes using a distributed ledger technology; and a fleet of fleet devices (10) each connected to the internet for controlling decryptability of the archived encrypted user data by means of key sharding of the expiring archive key (EAK), wherein the fleet of fleet devices (10) is adapted to delete respective expiring archive key shards (EAKS) after expiry of the expiring archive key (EAK).

Description

A system for long term data archiving in the internet
[0001] In the course of the digital revolution, more and more digital or electronic data is being generated, collected and stored. There are various techniques for digitizing and archiving this information. However, since data in electronic form can be easily altered, measures must be taken to ensure that the data retained remains intact, easily accessible to the respective owners, and protected from unauthorized access.
[0002] For example, data with a retention period of up to 50 years or more requires an archiving system that ensures secure access to the data content until the retention period has expired.
[0003] Common practices for preserving data over long periods of time include regularly copying digital data to new media (including migrating the data to new file formats), archiving data on specialized media such as microfilm, and storing the media in highly protected environments such as mines, or storing data via a provider on the Internet.
[0004] The first two methods are cumbersome and expensive, and generally unavailable to the average user. The last method requires data to be shared with third parties, which entails an increased requirement for secure storage and access of data over a long period of time. For example, providers of centralized cloud storage make copies of the data and store the copied data in different data centers for safety reasons. The large amount of data that is duplicated in this process generates costs and requires reliable handling of access rights.
[0005] In this context, blockchain storage is another approach to saving data, which is based on a decentralized network. It utilizes the unused hard disk space of users across the world to store files. The decentralized infrastructure is an alternative to centralized cloud storage.
[0006] The blockchain relies on distributed ledger technology (DLT). The DLT acts as a decentralized database of information about transactions between various parties. Operations fill the DLT in chronological order and are stored in a ledger as a series of blocks. An interconnected chain is formed between blocks with each one referring to the block before it, thus creating a blockchain. The interactions are recorded in the blockchain ledger, allowing the system to confirm and synchronize the transactions across so-called nodes in the blockchain. This kind of storage is designed to save these interactions forever, where stored data can never be changed or manipulated.
[0007] In view of the permanent storage in a blockchain, the handling of data which has a retention period or expiry date needs to be addressed. Thus, a practical archiving system is needed that allows users to store digital data having an expiry date securely and conveniently over long periods of time.
[0008] An object of the present invention is therefore to provide an improved system for long term electronic data archiving.
[0009] The above object is achieved by the claimed matter according to the independent claims. Further developments are defined in the dependent claims.
[0010] According to embodiments a system for long term data archiving in the internet comprises a user device connected to the internet for managing and for encrypting/decrypting user data to be stored in an internet archive by an expiring archive key, an archival backend connected to the internet for transceiving encrypted user data to/from the user device and for buffering the encrypted user data to be temporarily stored in the internet archive in a cloud storage, a blockchain gateway connected to the internet for transceiving encrypted user data from the archival backend and for writing/reading the encrypted user data to be stored in the internet archive into/from a blockchain in a plurality of nodes using a distributed ledger technology, and a fleet of fleet devices each connected to the internet for controlling decryptability of the archived encrypted user data by means of key sharding of the expiring archive key. In greater detail, the fleet of fleet devices is adapted to delete respective archive key shards after expiry of the archive key.
[0011] This time-based encryption of the data makes it possible to prevent access to the data after the archive key expires, even though the data is permanently stored in the blockchain. In other words, this mechanism in combination with the blockchain enables an “expiring permanence” of stored data. Security on data access is guaranteed by the key sharding, which distributes parts or shards obtained from the expiring archive key to the fleet devices included in the system. After expiry of the archive key all its shards are deleted by the respective fleet devices, ensuring that the data cannot be accessed anymore. This concept allows using blockchain storage even for data having a specific expiry date.
[0012] The user device may generate an archive key from random entropy to encrypt user data having the specific expiry date and allocate the expiry date to the archive key. It may also asymmetrically encrypt the expiring archive key by an encryption key of the user. Furthermore, the user device may shard the encrypted expiring archive key to the fleet of fleet devices, and it may store the encrypted expiring archive key locally.
[0013] In this context, the expiring archive key may be sharded by the user device onto the fleet of fleet devices by using Shamir Secret Sharing. This key sharding or sharing is based on polynomial interpolation. The expiring archive key may be split into multiple parts, called shares or shards, which individually do not give any information about the key. To unlock the expiring archive key, a minimum number of shares or shards is needed. An adversary who discovers any number of shares or shards less than the required one will not have any additional information about the secured key. This mechanism may provide a high level of secrecy.
[0014] Each of the user devices being part of the fleet of fleet devices may receive a respective encrypted expiring archive key shard from a dealing user device and the allocated expiry date of the archive key when an archive is created. Furthermore, the encrypted expiring archive key shard and the allocated expiry date may be written into a local database. Moreover, each of the user devices being part of the fleet of fleet devices may check for its own expired archives and delete its locally stored encrypted expiring archive keys if they should be expired. In addition, they may check if the encrypted expiring archive key shards in the local database are past their retention period and delete them if they should be expired. Moreover, they may update an archive’s retention policy by gossiping a message signed with a user’s system private key to the fleet of fleet devices to make the change.
[0015] This may enable an efficient redundant key management without requiring a central entity as used in other storage systems such as e.g., a cloud storage system. Furthermore, according to the above, an efficient data retention policy handling may be achieved.
[0016] The user device, when archiving data in the blockchain, may optionally compress user data to be archived. It may symmetrically encrypt user data to be archived by the expiring archive key. Moreover, the encrypted user data may be transformed into a blockchain specific data item format for bundling the encrypted user data on the user device to form a user data item. The user device may then send, via the internet, the user data item to the archival backend.
[0017] In this regard, the archival backend may, when archiving data in the blockchain, temporarily store user data items received from the user device into the cloud storage. It may further bundle user data items to be archived in the blockchain as individual transactions. Following this, it may send the transactions to the blockchain gateway to be written onto the blockchain.
[0018] The data items may thus be buffered or temporarily stored in the cloud storage to accumulate said items before archiving them in the blockchain, which improves the data transfer.
[0019] In a setting up process, the user device may receive, from the archival backend, a user specific subscription API key. It may generate a system private key and an encryption key from a random mnemonic for future recovery. And it may register the user device to the archival backend.
[0020] Via the mnemonic the user device may restore its expiring archive key if it is lost or not stored locally as long as it is not expired.
[0021] Thus, in a restoring process, the user device may receive a user specific subscription API key and mnemonic. It may generate a system private key and an encryption key from the provided mnemonic. Furthermore, it may access an archived file system hierarchy via the backend gateway. It may then retrieve encrypted expiring archive key shards from the fleet of fleet devices. Thus, via the key sharding a user of the user device may recover the expiring archive key from its shards stored on the fleet of fleet devices, if they are not expired.
[0022] The above object is also solved by a computer-implemented method for long term data archiving in the internet. The method comprises managing and encrypting/decrypting user data by an expiring archive key to be stored in an internet archive, by a user device connected to the internet, transceiving encrypted user data to/from the user device and buffering the encrypted user data to be stored temporarily in the internet archive in a cloud storage, by an archival backend connected to the internet, transceiving encrypted user data from the archival backend for writing/reading the encrypted user data to be stored in the internet archive into/from a blockchain in a plurality of nodes using a distributed ledger technology, by a blockchain gateway connected to the internet, and controlling decryptability of the archived encrypted user data by means of key sharding of the expiring archive key, by a fleet of fleet devices each connected to the internet. The fleet of fleet devices deletes respective expiring archive key shards after expiry of the archive key.
[0023] The method may further comprise generating an archive key from random entropy to encrypt user data having a specific expiry date and allocating the expiry date to the archive key, asymmetrically encrypting the expiring archive key by an encryption key of the user, sharding the encrypted expiring archive key to the fleet of fleet devices, and storing the encrypted expiring archive key locally. Said steps may be performed by the user device.
[0024] In this context, the encrypted expiring archive key may be sharded by the user device onto the fleet of fleet devices by using Shamir Secret Sharing.
[0025] The method may further comprise receiving a respective encrypted expiring archive key shard from a dealing user device and the allocated expiry date of the archive key when an archive is created, writing the encrypted expiring archive key shard and the allocated expiry date into a local database, checking for expired archives and deleting locally stored encrypted expiring archive keys if they should be expired, checking if the encrypted expiring archive key shards in the local database are past their retention period and deleting them if they should be expired, and updating an archive’s retention policy by gossiping a message signed with a user’s system private key to the fleet of fleet devices to make the change. Said steps may be performed by each of the user devices being part of the fleet of fleet devices.
[0026] The method may further comprise optionally compressing user data to be archived, symmetrically encrypting user data to be archived by the expiring archive key, transforming the encrypted user data into a blockchain specific data item format for bundling the encrypted user data on the user device to form a user data item, and sending, via the internet, the user data item to the archival backend. Said steps may be performed by the user device.
[0027] The above object is also solved by a computer program product comprising instructions which, when the program is executed by a computer, cause the computer to carry out the method as described above.
[0028] The above object is also solved by a computer-readable storage medium comprising instructions which, when executed by a computer, cause the computer to carry out the method as described above.
BRIEF DESCRIPTION OF THE DRAWINGS
[0029] The accompanying drawings are included to provide a further understanding of embodiments of the invention and are incorporated in and constitute a part of this specification. The drawings illustrate the embodiments of the present invention and together with the description serve to explain the principles. Other embodiments of the invention and many of the intended advantages will be readily appreciated, as they become better understood by reference to the following detailed description. The elements of the drawings are not necessarily to scale relative to each other. Like reference numbers designate corresponding similar parts.
Fig. 1 is a schematic diagram illustrating a system for long term data archiving in the internet according to embodiments.
Fig. 2 is a schematic diagram illustrating data communications between components of the system according to embodiments.
Fig. 3 is a schematic diagram illustrating a method for long term data archiving in the internet according to embodiments.
DETAILED DESCRIPTION
[0030] In the following detailed description reference is made to the accompanying drawings, which form a part hereof and in which are illustrated by way of illustration specific embodiments in which the invention may be practiced. In this regard, directional terminology such as "top", "bottom", "front", "back", "over", "on", "above", "leading", "trailing" etc. is used with reference to the orientation of the Figures being described. Since components of embodiments of the invention can be positioned in a number of different orientations, the directional terminology is used for purposes of illustration and is in no way limiting. It is to be understood that other embodiments may be utilized and structural or logical changes may be made without departing from the scope defined by the claims.
[0031] The description of the embodiments is not limiting. In particular, elements of the embodiments described hereinafter may be combined with elements of different embodiments.
[0032] As used herein, the terms “having”, “containing”, “including”, “comprising” and the like are open ended terms that indicate the presence of stated elements or features, but do not preclude additional elements or features. The articles “a”, “an” and “the” are intended to include the plural as well as the singular, unless the context clearly indicates otherwise.
[0033] Fig. 1 is a schematic diagram illustrating a system 100 for long term data archiving in the internet according to embodiments. The system 100 comprises a user device 10, an archival backend 16, a blockchain gateway 18, a blockchain 20, and a fleet of fleet devices 10. The blockchain 20 is a peer-to-peer distributed ledger (not shown in Fig. 1) in which blocks are linked and secured using a cryptographic hash. The blocks are write-only data structures with no administrative permissions for editing or deleting of data. Each block is composed of transaction data along with a timestamp, the cryptographic hash of the previous block and a random number used to verify the hash. The blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently. The fleet of fleet devices 10 comprises the user device 10 and may include further devices 10. Fig. 1 illustrates four user devices 10 or fleet devices 10. However, a different number is possible.
[0034] The user device 10 is connected to the internet for managing and for encrypting/decrypting user data by an expiring archive key EAK, which regulates the temporary access to the encrypted user data as described in more detail later on. The encrypted user data is to be stored in an internet archive 12, which is representative for a data structure used for storing digital data such as a file system. It may be located in any kind of storage space on the internet, e.g., a cloud storage 14 or the blockchain 20. The user device 10 may send encrypted user data to be stored to the archival backend 16 or may receive encrypted user data from the archival backend 16 as indicated by an arrow in Fig. 1.
[0035] The archival backend 16 is also connected to the internet for transceiving encrypted user data to/from the user device 10 and for buffering the encrypted user data to be temporarily stored in the internet archive 12 in the cloud storage 14. This exchange is also indicated by a corresponding arrow in Fig. 1. Temporarily storing the encrypted user data may allow accumulating the encrypted user data, which is then transferred as a data bundle in form of a transaction to the blockchain 20 for storage, or to the user device 10 requesting the data.
[0036] The blockchain gateway 18 is connected to the internet for transceiving encrypted user data from the archival backend 16 and for writing/reading the encrypted user data to be stored in the internet archive 12 into/from the blockchain 20 in a plurality of nodes using a distributed ledger technology as mentioned above.
[0037] In general, the distributed ledger is spread across several nodes on a peer-to-peer network, where each node replicates and saves an identical copy of the ledger and updates itself independently. This alleviates the need of a central authority. When a ledger update happens, each node constructs a new transaction, and then the nodes vote by consensus algorithm on which copy is correct. Once a consensus has been determined, all the other nodes update themselves with the new, correct copy of the ledger. Security is accomplished through cryptographic keys and signatures. In this regard, a node may be a physical server with one or more hard-disk drives (HDDs) or solid-state drives.
[0038] For example, in one embodiment, the internet archive 12 may reside in the distributed ledger of the blockchain 20, where the encrypted user data may be archived as a transaction updated across dozens of individual decentralized nodes serving as data stores (not shown in Fig. 1).
[0039] Furthermore, each one within the fleet of fleet devices 10 is connected to the internet for controlling decryptability of the archived user data by means of key sharding of the expiring archive key EAK. As will be described in the following, the expiring archive key EAK may be sharded (or split) into respective expiring archive key shards EAKS (or key parts) as shown in a simplified manner in Fig. 1. Each of the fleet devices 10 may receive an expiring archive key shard EAKS of the expiring archive key EAK.
[0040] In greater detail, the fleet of fleet devices 10 deletes respective expiring archive key shards EAKS after expiry of the archive key EAK. This ensures that, despite the permanent storage of the encrypted user data in the blockchain 20, it can no longer be retrieved by the user device 10. Thus, it allows using the blockchain 20 as data storage with “expiring permanence.” In other words, it enables storing encrypted user data with an expiry date in the blockchain 20. In addition, key sharding provides an efficient key management that is secure from hacker attacks and user-friendly.
[0041] The user device 10 may create the expiring archive key EAK as follows. First, an archive key from random entropy may be generated to encrypt user data having a specific expiry date. Random entropy is commonly known as the randomness collected by an operating system or application for use in cryptography and is collected from hardware sources or randomness generators. The expiry date may then be allocated to the archive key. Next, the expiring archive key EAK may be asymmetrically encrypted by an encryption key of the user. It may be stored locally on the user device 10. However, in another embodiment, the user device 10 may not store the expiring archive key EAK locally, but delete the same after the sharding process. In this case, the step of checking for expired own archives 12 and deleting its locally stored encrypted expiring archive keys EAK if they should be expired, is not necessary to be executed by the user device 10. Independently of the storage, the encrypted expiring archive key EAK may be sharded to the fleet of fleet devices 10, as shown in Fig. 1.
[0042] In this context, the encrypted expiring archive key EAK may be sharded by the user device 10 onto the fleet of fleet devices 10 by using Shamir Secret Sharing.
[0043] In general, Shamir’s Secret Sharing scheme is an algorithm that allows for information to be broken into many shares (or shards), while only requiring a fraction of those shares (or shards) to reconstruct an original secret. That is, it requires a minimum number of shares referred to as the threshold to reconstruct the original secret. If there is anything less than the threshold, the secret cannot be reconstructed, thus making Shamir’s Secret Sharing secure against an adversary such as a malicious attacker. In detail, Shamir’s Secret Sharing scheme relies on polynomial interpolation. It encodes the secret (e.g., the expiring archival key EAK) into a polynomial, then splits it into pieces (e.g., the expiring archive key shards EAKS) and distributes it. It is then possible to use polynomial interpolation to efficiently reconstruct the secret (the expiring archival key EAK) without requiring every single share (expiring archive key shard EAKS). Instead only the threshold is needed, which provides enough points of data to correctly estimate the values between gaps in the encrypted shares.
[0044] Each of the user devices 10 being part of the fleet of fleet devices 10 as described above may receive a respective encrypted expiring archive key shard EAKS from a dealing user device 10 and the allocated expiry date of the archive key when an archive 12 is created. Each of the user devices 10 that receives an expiring archive key shard EAKS and the allocated expiry date may store those into a local database. Moreover, the user devices 10 may check for expired own archives 12 and delete their locally stored encrypted expiring archive keys EAK if they should be expired. In addition, they may check if the encrypted expiring archive key shards EAKS in the local database are past their retention period and delete them if they should be expired. They further may update an archive’s 12 retention policy by gossiping a message signed with a user’s system private key to the fleet of fleet devices 10 to make the change.
[0045] In other words, the user devices 10 may periodically check whether locally stored expiring archive key shards EAKS are no longer valid, and if that is the case, delete them accordingly. Via said procedure access to encrypted user data may be regulated. For example, the dealing user device 10 may not be able to reconstruct its expiring archive key EAK through the key shards EAKS after their expiry. Also, expiring archive keys EAK that are stored locally may be deleted by the respective user devices 10 after their expiry.
[0046] In addition, updating a policy may be easily achieved by sending a message that contains a user’s system private key. For example, in case that an expiry date needs to be updated or changed, a corresponding message is provided to the fleet of fleet devices 10 indicating a new expiry date of corresponding expiring archive key shard EAKS identified via the user’s system private key. This may provide an efficient key management that enables an easy and reliable policy handling.
[0047] In one embodiment, the user device 10 may, when archiving data in the internet archive 12, optionally compress user data to be archived. It may further symmetrically encrypt user data to be archived by the expiring archive key EAK. Furthermore, it may transform the encrypted user data into a blockchain specific data item format for bundling the encrypted user data on the user device 10 to form a user data item. It may then send the user data item to the archival backend 16 via the internet.
[0048] In this regard, Fig. 2 illustrates data communications between components of the system 100 according to embodiments. As can be seen in Fig. 2, the user device 10 may send the user data item to the archival backend 16, which is illustrated by arrow 1.
[0049] As described above, the archival backend 16 may then temporarily store user data items received from the user device 10 into the cloud storage 14 illustrated in Fig. 2. It may retrieve accumulated user data items from the cloud storage 14 and may bundle these items to be archived in the blockchain 20 as individual transactions. These transactions may then be sent to the blockchain gateway 18 to be written onto the blockchain 20.
[0050] This exchange of signals shown as arrows 2, 3, 4 in Fig. 2 may be periodically repeated as a loop L1 for archiving encrypted user data. In one example, it may be repeated every thirty minutes.
[0051] Moreover, optionally, in loop L2, a data item bundle transaction confirmation count may be requested from the archival backend 18 and received from the blockchain gateway 18 and the blockchain 20, which is indicated by dotted arrows 5, 6.
[0052] The archival backend 18 may then send to the user device 10 a confirmation that the data item bundle transaction is confirmed and that the file is archived as illustrated by dotted arrow 7.
[0053] In a setting up process (not shown in Fig. 2), the user device may receive, from the archival backend 16, a user specific subscription API key. It may generate a system private key and an encryption key from a random mnemonic for future recovery. In addition, the user device 10 may register to the archival backend 16.
[0054] In one embodiment, the user device 10 may receive, after registering, additional information from the archival backend 16 regarding the other user devices 10 or fleet devices 10 (not shown in Figs. 1 and 2). This may enable an efficient communication between the user devices 10 or fleet devices 10 for exchanging key shards EAKS. Moreover, only authenticated and authorized user devices 10 may participate, which further increases the security of the system 100.
[0055] Regarding the mnemonic, it may be a seed phrase made up of twelve, eighteen, or twenty four words that may be used to generate the system private key and the encryption key. The mnemonic may be used to restore or regenerate said keys in case they are lost by the user device 10 or not stored locally on the user device 10.
[0056] For example, in such a restoring process, the user device 10 may receive a user specific subscription API key and mnemonic. It may then generate a system private key and an encryption key from the provided mnemonic to access an archived file system hierarchy via the blockchain gateway 18, in case the stored encrypted user data is not expired. And it may retrieve the encrypted expiring archive key shards EAKS from the fleet of fleet devices 10, if they are not expired. Using the encryption key it may then decrypt the respective key shards EAKS to restore or reconstruct the archive key for accessing the user data.
[0057] Fig. 3 is a schematic diagram illustrating a computer-implemented method for long term data archiving in the internet according to embodiments.
[0058] In S100, user data to be stored in the internet archive 12 is managed and encrypted/decrypted by the user device 10 connected to the internet via the expiring archive key EAK.
[0059] In S110, encrypted user data is transceived to/from the user device 10 to be buffered and stored temporarily in the internet archive 12 in the cloud storage 14 by the archival backend 16 connected to the internet.
[0060] In S120, encrypted user data is transceived from the archival backend 16 for writing/reading the encrypted user data to be stored in the internet archive 12 into/from the blockchain 20 in a plurality of nodes using a distributed ledger technology by the blockchain gateway 18 connected to the internet.
[0061] In S130, the decryptability of the archived encrypted user data by means of key sharding of the expiring archive key EAK is controlled by the fleet of fleet devices 10 each connected to the internet.
[0062] The fleet of fleet devices 10 deletes the respective expiring archive key shards EAKS after expiry of the expiring archive key EAK.
[0063] The expiring archive key EAK used to encrypt user data having a specific expiry date may be generated by the user device 10 from random entropy. The expiry date may then be allocated to the archive key, which may result in the expiring archive key EAK.
[0064] In addition, the expiring archive key EAK may be asymmetrically encrypted by an encryption key of the user.
[0065] The encrypted expiring archive key EAK may be stored locally in the user device 10, which may shard the encrypted expiring archive key EAK to the fleet of fleet devices 10.
[0066] In another embodiment, the user device 10 may not store the expiring archive key EAK locally.
[0067] As described above, the encrypted expiring archive key EAK may be sharded by the user device 10 onto the fleet of fleet devices 10 by using Shamir Secret Sharing.
[0068] Furthermore, data retention and policy handling may be performed as follows. First, a respective encrypted expiring archive key shard EAKS and the allocated expiry date of the archive key may be received from a dealing user device 10 by the user devices 10 being part of the fleet of fleet devices 10 when an archive 12 is created.
[0069] Further, the encrypted expiring archive key shard EAKS and the allocated expiry date may be written into a local database of the user devices 10.
[0070] Then, archives 12 of the user devices 10 may be checked and locally stored encrypted expiring archive keys EAK may be deleted, if they should be expired.
[0071] Also, the encrypted expiring archive key shards EAKS in the local database of the user devices 10 may be checked if they are past their retention period and deleted, if they should be expired.
[0072] In addition, an archive’s 12 retention policy is updated within the user devices 10 by gossiping a message signed with a respective user’s system private key to the user devices 10 to make the change.
[0073] When archiving data in the internet archive 12, the user data may be optionally compressed by the user device 10.
[0074] It may further be transformed by the user device 10 into a blockchain specific data item format used for bundling the encrypted user data on the user device 10 to form a user data item.
[0075] The user device 10 may then send the user data item via the internet to the archival backend 16.
[0076] When archiving data in the blockchain 20, the user data items may be received from the user device 10 and temporarily stored into the cloud storage 14 by the archival backend 16.
[0077] The archival backend 16 may bundle the user data items to be archived in the blockchain 20 as individual transactions, and send these transactions to the blockchain gateway 18 to be written onto the blockchain 20.
[0078] In addition, a computer program product is provided, comprising instructions which, when the program is executed by a computer, cause the computer to carry out the method as described above.
[0079] Furthermore, a computer-readable storage medium is provided, comprising instructions which, when executed by a computer, cause the computer to carry out the method as described above.
[0080] While embodiments of the invention have been described above, it is obvious that further embodiments may be implemented. For example, further embodiments may comprise any sub-combination of features recited in the claims or any sub-combination of elements described in the examples given above. Accordingly, the spirit and scope of the appended claims should not be limited to the description of the embodiments contained herein.
[0081] Embodiments and use cases of the system and method of the present invention
The expiry date is a predetermined date which may be set by the user. It can be a directly defined date or it can be also defined by a predetermined period starting from a specific starting date (like the death date of an author of copyrightable works or the date of creation of a document or the date of the upload into the blockchain). This predetermined period may be in a range between 1 day and 10000 years, or between 1 day and 1000 years, or between 1 day and 100 years. This predetermined period may be shorter than 100000 years, or shorter than 10000 years, or shorter than 1000 years, or shorter than 100 years. This predetermined period may be longer than 1 day, or longer than 1 week, or longer than 1 year, or longer than 10 years, or longer than 20 years, or longer than 30 years, or longer than 40 years, or longer than 50 years, but shorter than 1000 years. In Germany and many other countries, there are legal retention periods for certain professions; for example, architects must retain certain documents for 30 years, and notaries are legally obliged to archive wills for 100 years. At the same time, the law stipulates that the documents in question must be destroyed at the end of the retention period. The digital archiving system as claimed by the present invention fully complies with these legal requirements. In addition to all industries in which legal retention periods and the deletion of data upon expiration of the retention period are statutory by law, the invention is suitable for the following use cases, among others:
[0082] Copyright
The invention enables the reliable preservation of copyrightable digital works, such as photographs or sound recordings, for the duration of the period of protection, during which economic exploitation by the author and his heirs can take place. In Germany and the USA, the term of protection begins as soon as an author completes his or her work and ends 70 years after the author's death. Thus, according to this embodiment, the system 100 for long term data archiving in the internet may correspond to a system 100 for preservation of copyrightable digital works, such as photographs and/or sound recordings. Herein, the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a designer and/or an artist and/or his heirs. The fleet of fleet devices 10 may correspond to a decentralized or web3.0 social media community, in which copyrightable digital works of artists, designers, musicians, writers, in general all kind of authors of copyrightable works can share freely and/or give a licence for and/or take a licence for a download process of the encrypted copyrightable content. The fleet of fleet devices 10 is thus comparable to a decentralized closed internet or web3.0 user group, wherein access to data is only possible for group members and wherein deletion of data by a third party is not possible but only allowed to the creator or author of copyrightable works or his heirs or his assignee or his heirs at law. The data to be stored in the internet archive 12 may correspond to license contracts of the author with third parties related to the copyrightable digital works and/or the copyrightable digital work itself. The archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data. 
Herein, the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS. The blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently. The expiration date of the expiring archive key may be 70 years after the author's death. After expiry of the expiring archive key the copyrightable digital works will be deleted, wherein the author or his heirs at law can choose between a final deletion of the works and an automatic storing in the blockchain of the decrypted and freely accessible digital works being in the public domain after expiry of the period of copyright protection of 70 years after the author's death. The method 1000 may thus comprise a further step 140 of transmitting decrypted user data from the archival backend 16 for writing the decrypted user data to be stored in the internet archive 12 into the blockchain 20 in a plurality of nodes using a distributed ledger technology, by a blockchain gateway 18 connected to the internet, to provide free and eternal digital access to formerly copyrightable digital works being in the public domain after expiry of a legal period of copyright protection.
[0083] Foundations and human rights organizations
The invention's ability to store data permanently and unalterably in a decentralized manner makes it suitable for archiving documentation that would be at risk of being blocked or deleted from conventional servers, e.g. in other parts of the world. Access to the invention's data storage cannot be blocked due to its distributed architecture, and destruction of the data can only be carried out by its owner. Thus, according to this embodiment, the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving documentation that would be at risk of being blocked or deleted from conventional servers. Herein, the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a foundation and/or human rights organization and/or of an opposition member living in a rogue state. The fleet of fleet devices 10 may correspond to a decentralized or web3.0 internet community, in which whistle blowers, political opponents, resistance fighters in rogue states can share highly relevant political content or explosive political issues for a download process of the encrypted critical political content. The fleet of fleet devices 10 is thus comparable to a decentralized closed internet or web3.0 user group, wherein access to data is only possible for group members (political opponents) and wherein deletion of critical data by a third party such as the government of a rogue state is not possible but only allowed to the creator or author of the critical data or his heirs or his assignee or his heirs at law. The data to be stored in the internet archive 12 may correspond thus to information to be freely spread without the risk of being blocked by censorship. The archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above critical data.
Herein, the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS. The blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently. The expiration date of the expiring archive key may be a date determined by the above organizations or opposition members only without access of a third party. Herein, the expiration date may be set to be a period between 1 day (if the access to this data should be very restricted) up to 1000 years (if the information is intended to be accessible for anyone due to spread of this information by group members living in a free country and sharing the decrypted critical data to everyone and/or by publication in the internet).
[0084] Publishing
The invention makes it possible for the first time to combine a printed publication with additional digital content that is as durable as the printed product itself, which can last for more than a century if stored properly. This also allows for digital updates to the printed publication. So when someone picks up the printed book in the next century, they will still have access to additional content that reflects the contemporary situation at the time the book was published. Thus, according to this embodiment, the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving a combination of a printed publication and additional digital content. Herein, the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a reader and/or a publishing company. The fleet of fleet devices 10 may correspond to a decentralized or web3.0 internet community, in which publishers can share freely and/or give a licence for and/or take a licence for a download process of the additional digital content of artists, designers, musicians, writers, in general all kind of authors of additional digital content. The fleet of fleet devices 10 is thus comparable to a decentralized closed internet or web3.0 user group, wherein access to additional digital content is only possible for group members and wherein deletion of data by a third party is not possible but only allowed to the creator or author of additional digital content. The data to be stored in the internet archive 12 may correspond to the above additional digital content. The archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data. Herein, the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS. 
The blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently. The expiration date of the expiring archive key may be a date determined by the reader and/or the publishing company. The expiration date of the expiring archive key may be 70 years after the author's death. It is, in any case, very important that the critical data stays deletable by the publisher in case there are legitimate interests due to, for example, invasion of personal privacy, to delete respective digital content stored in the blockchain.
[0085] Banking
With this invention, banks can offer their customers a sovereign and private digital safe deposit box, to which only the bank customer has access, for the permanent, secure and private storage of digital valuables such as documents, digital currencies or NFTs. If the safe deposit box is rented for a period of 50 years, for example, the data will automatically self-destruct at the end of the rental period. Thus, according to this embodiment, the system 100 for long term data archiving in the internet may correspond to a system 100 for providing a digital safe deposit box. Herein, the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box and/or a client’s terminal of a bank and/or a bank customer. The fleet of fleet devices 10 may correspond to a decentralized closed internet or web3.0 bank customer group, wherein access to their own digital safe deposit box is only possible for respective group members and wherein deletion of digital safe deposit box data by a third party is not possible but only allowed to the creator or author of digital safe deposit box data. The data to be stored in the internet archive 12 may correspond to the above digital valuables. The archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data. Herein, the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS. The blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently. The expiration date of the expiring archive key may be the end of the rental period (e.g. 50 years) of the digital safe deposit box.
[0086] Secure downloads
The fact that binary files are not only stored permanently, but also immutably, opens up new possibilities for providing - optionally temporary - software downloads that are of trusted origin as well as guaranteed to be genuine, i.e. not containing viruses, Trojans, ransomware or other malware. Thus, according to this embodiment, the system 100 for long term data archiving in the internet may correspond to a system 100 for providing temporary software downloads that are of trusted origin as well as guaranteed to be genuine. Herein, the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box and/or a client’s terminal of a software company or a company. The data to be stored in the internet archive 12 may correspond to the above software to be downloaded. The archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data. Herein, the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS. The blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently. The expiration date of the expiring archive key may be the end of the above download period for temporary download determined by the company providing the software. This may be applied to software which should not be downloadable anymore, since there is already an updated or newer version available.
[0087] Confidential data storage and sharing
Organizations that work with confidential data or need to protect trade secrets can use the invention to create an isolated private storage environment that operates entirely without reliance on third parties. By using multiple access devices in different locations, data can be shared without going through intermediaries or third-party services. Thus, according to this embodiment, the system 100 for long term data archiving in the internet may correspond to a system 100 for providing an isolated private storage environment. Herein, the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of an organization or a company. The data to be stored in the internet archive 12 may correspond to the above confidential data or trade secrets. The archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data. Herein, the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS. The blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently. The expiration date of the expiring archive key may be set to a very short period such as 1 day to 1 week, or 1 day to 1 month, to prevent data shared by the group members from being discovered by a third party such as a competitor or by industrial spying.
[0088] Scientific publications
About 70% of all Harvard University scientific publications and about 50% of US Supreme Court opinions contain dead links because the content is no longer available (HTTP status code 404). This problem, which is ubiquitous on the traditional Internet, can be avoided by storing the referenced information in a publicly viewable manner on the permanent storage system of the invention. Thus, according to this embodiment, the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving scientific publications. Herein, the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a scientist and/or a scientific publishing company such as “Nature” or “Science” or a University and/or an R&D department of a company. The data to be stored in the internet archive 12 may correspond to the above scientific publications. The archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data. Herein, the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS. The blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently. The expiration date of the expiring archive key may be 70 years after the author's death. All features of the above mentioned authors of copyrightable works are also applicable to this embodiment.
[0089] Private Data Archive
With the growing need for digital privacy, the invention is suitable not only for businesses but also for individuals who are critical of traditional centralized cloud storage and who do not have the technical means to digitally store their private data, such as family and education records, personal documents and precious memories, for a lifetime and beyond. Thus, according to this embodiment, the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving digital private data. Herein, the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a private person. The data to be stored in the internet archive 12 may correspond to the above digital private data. The archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data. Herein, the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS. The blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently. The expiration date of the expiring archive key may be a date determined by the above private person, for example the day of death of the private person. Since the day of death of the user is not predictable by the user, the day of death should be understood as a day on which an authorized party or heirs upload an authorization to set an expiration date in representation of the dead user. The expiration date of the expiring archive key may be also 70 years after the author's death. All features of the above mentioned authors of copyrightable works are also applicable to this embodiment.
[0090] Media Industry
In addition to the numerous applications of archiving in virtually all areas of the media industry, there are also very specific niche solutions that have only been made possible by the invention. For example, analogue music data carriers (vinyl, audio cassettes) are often accompanied by download vouchers that allow a high-resolution digital copy of the music to be downloaded. The invention enables such a digital service which, unlike conventional solutions, can last for several generations, just like the analogue carrier. Thus, according to this embodiment, the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving media data, in particular a high-resolution digital copy of music to be downloaded. Herein, the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a user and/or an artist and/or a media company. The data to be stored in the internet archive 12 may correspond to the above media data. The archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data. Herein, the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS. The blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently. The expiration date of the expiring archive key may be expiry of a term of copyright protection or a date set by the media company and/or the artist. The expiration date of the expiring archive key may be also 70 years after the author's death. All features of the above mentioned authors of copyrightable works are also applicable to this embodiment.
[0091] Document destruction industry
Instead of destroying paper documents at the end of the legal retention period, shredding companies can collect their customers' paper documents during the retention period, scan them and, using the system or method of the present invention, store them in a private data repository within the customer's access, where the certified and unalterable digital copy is automatically destroyed at the end of the retention period. Thus, according to this embodiment, the system 100 for long term data archiving in the internet may correspond to a system 100 for document destruction. Herein, the method 1000 may include further steps of collecting customers' paper documents during the retention period, scanning the documents, and storing the scanned documents data as data to be stored according to the method 1000. The user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a customer or a document destruction company. The data to be stored in the internet archive 12 may correspond to the above scanned document data. The archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data. Herein, the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS. The blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently. The expiration date of the expiring archive key may be the end of the legal retention period.
[0092] Healthcare
As the user initially has sole sovereignty over their data stored on the invention's storage system, this data is completely confidential and cannot be read by third parties without the owner's consent. This makes the invention particularly suitable for use in the healthcare sector, where most of the data processed is strictly confidential. In this case, the user can be the patient, the doctor or the administration, and in all cases the highest level of confidentiality must be guaranteed and numerous legal retention periods come into play, which in the healthcare sector can be up to 80 years. Thus, according to this embodiment, the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving confidential health data. Herein, the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a patient and/or a physician and/or a hospital and/or a medical center. The data to be stored in the internet archive 12 may correspond to the above confidential health data of a patient. The archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data. Herein, the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS. The blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently. The expiration date of the expiring archive key may be the end of the legal retention period.
[0093] Government / Administration / Blockchain Patent Register
In many countries, changes to legislation and similar publications are published not only online but also in printed form for long-term documentation and traceability. Due to its longevity and immutability, the invention is suitable for use as a data storage medium for such publications, especially as the storage capacity of the invention is unlimited. Thus, according to this embodiment, the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving legal or legislation data and/or publications. Herein, the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a citizen and/or a governmental organization and/or an administration. The data to be stored in the internet archive 12 may correspond to the above legal or legislation data. The archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data. Herein, the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS. The blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently. The expiration date of the expiring archive key may be set to a day in the far future, for example 1000 years after the upload date to the blockchain. In any case, there is still the possibility to delete the data on the blockchain, which would not be possible in known blockchain archiving. There might be one application of this embodiment for providing a patent register in the blockchain. In this case, the expiration date of the expiring archive key may be 18 months after the application date, i.e. the publication date of a patent application.
All features of the above mentioned authors of copyrightable works are also applicable to this embodiment, except for the period of 18 months and for access to the application documents being limited to the applicant and the patent office before the publication date. After the publication date, the publication documents are decrypted and freely accessible on the blockchain.
[0094] Humanitarian aid, NGOs, Centralized or Decentralized Charity Organizations
People who are suddenly forced to flee war or persecution often have no verifiable proof of education, skills or even identity. With this invention, humanitarian organizations, for example, could offer refugees and internally displaced persons not only shelter and material assistance, but also a digital application that would allow people in crisis areas to store their IDs and education certificates permanently and unalterably. They would not have to worry about losing them, as they would with their paper documents. Also donations to beneficiary customers in emerging countries on a peer-to-peer basis via crypto asset transactions (e.g. German Grandmother donates crypto assets to a young student in Tanzania) could be archived by the system 100, to enhance transparency of global decentralized charity. Thus, according to this embodiment, the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving refugee’s or internally displaced person’s identity information and education certificates and/or crypto asset donation data linked to the ID and/or CV of the beneficiary customer. Herein, the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a beneficiary customer and/or of a refugee and/or of an internally displaced person and/or of a Humanitarian aid Organization and/or of a NGO Office and/or of a Charity Organization, and/or of a blockchain node provider hosting a Decentralized Charity Organization being a Decentralized Autonomous Organization, DAO. The data to be stored in the internet archive 12 may correspond to the above refugee’s or internally displaced person’s identity, ID, and/or curriculum vitae, CV, data such as educational certificates or testimonials, and/or crypto asset or FIAT donation data. 
The archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data. Herein, the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS. The blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently. The expiration date of the expiring archive key may be a date determined by the above refugee or internally displaced person or beneficiary customer, for example the day of death of the refugee or internally displaced person or the beneficiary customer. Since the day of death of the user is not predictable by the user, the day of death should be understood as a day on which an authorized party or heirs upload an authorization or certificate of death of the user to set an expiration date in representation of the dead user. The day of death may be also defined as a date after which a dead man’s handle has not been triggered by the user (for example access to the blockchain or visiting/logging in to the user device) for a defined period between 1 day and 70 years. The expiration date of the expiring archive key may be also 70 years after the author's death. All features of the above mentioned authors of copyrightable works are also applicable to this embodiment.
[0095] Contracts and insurance
Contracts and insurance policies are subject to terms, conditions, updates and retention periods that are binding on all parties. Complete documentation in digital form must be available for the entire term of the contract - in some cases for life - and must be tamper-proof, legally binding and confidential. In contrast to conventional storage technologies, the invention fulfils the technical requirements for complete digital contract documentation for contract periods of any length while maintaining confidentiality between the contracting parties. Thus, according to this embodiment, the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving contracts and/or insurance policies. Herein, the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a contracting party and/or of an insurance company and/or of a reinsurance company. The data to be stored in the internet archive 12 may correspond to the above contracts and/or insurance policies. The archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data. Herein, the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS. The blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently. The expiration date of the expiring archive key may be a date determined by the contracting parties or the contract termination date.
[0096] Permanent assets prepared by lawyers and/or notaries and/or architects
In Germany, there are no retention periods longer than 10 years for commercial and tax purposes. In business, however, various documents such as patents, building plans, court judgments, property documents, shareholder agreements and personnel files should be retained indefinitely. Such documents with an unlimited retention period are called permanent assets. Their digital archiving on the storage system of the invention is recommended, especially for lawyers and notaries, due to its longevity and protection against forgery. Thus, according to this embodiment, the system 100 for long term data archiving in the internet may correspond to a system 100 for archiving register data or legal documents. Herein, the user device 10 and the fleet device 10 may correspond to a smart phone and/or a tablet and/or a computer and/or a server and/or a Set-Top-Box of a law firm and/or a lawyer and/or a notary and/or an architect. The data to be stored in the internet archive 12 may correspond to the above register data or legal documents such as patents, building plans, court judgments, property documents, shareholder agreements and personnel files. The archival backend 16 may correspond to a server of the inventor’s company connected to the internet for transceiving the above data. Herein, the cloud storage 14 may correspond to a data storage device of the inventor’s company or to a server of a third party cloud storage provider such as AWS. The blockchain gateway 18 and the blockchain 20 may use Filecoin, Interplanetary File System (IPFS), Sia, Arweave, or Storj, which are protocols that allow storing data permanently. The expiration date of the expiring archive key may be the end of the legal retention period. The period may be, for example, 100 years.

Claims

1. A system (100) for long term data archiving in the internet, comprising a user device (10) connected to the internet for managing and for encrypting/decrypting user data to be stored in an internet archive (12) by an expiring archive key (EAK); an archival backend (16) connected to the internet for transceiving encrypted user data to/from the user device (10) and for buffering the encrypted user data to be temporarily stored in the internet archive (12) in a cloud storage (14); a blockchain gateway (18) connected to the internet for transceiving encrypted user data from the archival backend (16) and for writing/reading the encrypted user data to be stored in the internet archive (12) into/from a blockchain (20) in a plurality of nodes using a distributed ledger technology; and a fleet of fleet devices (10) each connected to the internet for controlling decryptability of the archived encrypted user data by means of key sharding of the expiring archive key (EAK), wherein the fleet of fleet devices (10) is adapted to delete respective expiring archive key shards (EAKS) after expiry of the expiring archive key (EAK).
2. The system (100) of claim 1, wherein the user device (10) is adapted to execute the following steps when creating the expiring archive key (EAK): generating an archive key from random entropy to encrypt user data having a specific expiry date and allocating the expiry date to the archive key; asymmetrically encrypting the expiring archive key (EAK) by an encryption key of the user; storing the encrypted expiring archive key (EAK) locally; and sharding the encrypted expiring archive key (EAK) to the fleet of fleet devices (10).
3. The system (100) of claim 2, wherein the encrypted expiring archive key (EAK) is sharded by the user device (10) onto the fleet of fleet devices (10) by using Shamir Secret Sharing.
4. The system (100) of claim 2 or 3, wherein each of the user devices (10) being part of the fleet of fleet devices (10) is adapted to execute the following steps: receiving a respective encrypted expiring archive key shard (EAKS) from a dealing user device (10) and the allocated expiry date of the archive key when an archive (12) is created; writing the encrypted expiring archive key shard (EAKS) and the allocated expiry date into a local database; checking for expired own archives (12) and deleting its locally stored encrypted expiring archive keys (EAK) if they should be expired; checking if the encrypted expiring archive key shards (EAKS) in the local database are past their retention period and deleting them if they should be expired; and updating an archive’s (12) retention policy by gossiping a message signed with a user’s system private key to the fleet of fleet devices (10) to make the change.
5. The system (100) of any one of the preceding claims, wherein the user device (10) is adapted to execute the following steps when archiving data in the internet archive (12): optionally compressing user data to be archived; symmetrically encrypting user data to be archived by the expiring archive key (EAK); transforming the encrypted user data into a blockchain specific data item format for bundling the encrypted user data on the user device (10) to form a user data item; and sending, via the internet, the user data item to the archival backend (16).
6. The system (100) of claim 5, wherein the archival backend (16) is adapted to execute the following steps when archiving data in the blockchain (20): temporarily storing user data items received from the user device (10) into the cloud storage (14); bundling user data items to be archived in the blockchain (20) as individual transactions; and sending the transactions to the blockchain gateway (18) to be written onto the blockchain (20).
7. The system (100) of any one of the preceding claims, wherein the user device (10) is adapted to execute the following steps in a setting up process: receiving, from the archival backend (16), a user specific subscription API key; generating a system private key and an encryption key from a random mnemonic for future recovery; and registering the user device (10) to the archival backend (16).
8. The system (100) of any one of the preceding claims, wherein the user device (10) is adapted to execute the following steps in a restoring process: receiving a user specific subscription API key and mnemonic; generating a system private key and an encryption key from the provided mnemonic; accessing an archived file system hierarchy via the blockchain gateway (18); and retrieving expiring archive encryption key shards (EAKS) from the fleet of fleet devices (10).
9. A computer-implemented method (1000) for long term data archiving in the internet, comprising: managing and encrypting/decrypting (S100) user data to be stored in an internet archive (12) by an expiring archive key (EAK), by a user device (10) connected to the internet; transceiving (S110) encrypted user data to/from the user device (10) and buffering the encrypted user data to be stored temporarily in the internet archive (12) in a cloud storage (14), by an archival backend (16) connected to the internet; transceiving (S120) encrypted user data from the archival backend (16) for writing/reading the encrypted user data to be stored in the internet archive (12) into/from a blockchain (20) in a plurality of nodes using a distributed ledger technology, by a blockchain gateway (18) connected to the internet; and controlling (S130) decryptability of the archived encrypted user data by means of key sharding of the expiring archive key (EAK), by a fleet of fleet devices (10) each connected to the internet, wherein the fleet of fleet devices (10) deletes respective expiring archive key shards (EAKS) after expiry of the expiring archive key (EAK).
10. The method (1000) according to claim 9, further comprising: generating an archive key from random entropy to encrypt user data having a specific expiry date and allocating the expiry date to the archive key, by the user device (10); asymmetrically encrypting the expiring archive key (EAK) by an encryption key of the user, by the user device (10); storing the encrypted expiring archive key (EAK) locally, by the user device (10); and sharding the encrypted expiring archive key (EAK) to the fleet of fleet devices (10), by the user device (10).
11. The method (1000) according to any one of claims 9 to 10, wherein the encrypted expiring archive key (EAK) is sharded by the user device (10) onto the fleet of fleet devices (10) by using Shamir Secret Sharing.
12. The method (1000) according to any one of claims 9 to 11, further comprising: receiving a respective encrypted expiring archive key shard (EAKS) from a dealing user device (10) and the allocated expiry date of the archive key when an archive (12) is created, by each of the user devices (10) being part of the fleet of fleet devices (10); writing the encrypted expiring archive key shards (EAKS) and the allocated expiry date into a local database, by each of the user devices (10) being part of the fleet of fleet devices (10); checking for expired own archives (12) and deleting its locally stored encrypted expiring archive keys (EAK) if they should be expired, by each of the user devices (10) being part of the fleet of fleet devices (10); checking if the encrypted expiring archive key shards (EAKS) in the local database are past their retention period and deleting them if they should be expired, by each of the user devices (10) being part of the fleet of fleet devices (10); and updating an archive’s (12) retention policy by gossiping a message signed with a user’s system private key to the fleet of fleet devices (10) to make the change, by each of the user devices (10) being part of the fleet of fleet devices (10).
13. The method (1000) according to any one of claims 9 to 12, further comprising: optionally compressing user data to be archived, by the user device (10); symmetrically encrypting user data to be archived by the expiring archive key (EAK), by the user device (10); transforming the encrypted user data into a blockchain specific data item format for bundling the encrypted user data on the user device (10) to form a user data item, by the user device (10); and sending, via the internet, the user data item to the archival backend (16), by the user device (10).
14. A computer program product comprising instructions which, when the program is executed by a computer, cause the computer to carry out the method of claims 9 to 13.
15. A computer-readable storage medium comprising instructions which, when executed by a computer, cause the computer to carry out the method of claims 9 to 13.

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
DE102022117713.0 2022-07-15
DE102022117713.0A DE102022117713A1 (en) 2022-07-15 2022-07-15 System and method for long-term archiving of electronic data
DE102023103180.5 2023-02-09
DE102023103180.5A DE102023103180A1 (en) 2023-02-09 2023-02-09 System and procedure for long-term archiving of electronic data

Publications (1)

Publication Number Publication Date
WO2024013363A1 true WO2024013363A1 (en) 2024-01-18

Family

ID=87418786

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2023/069615 WO2024013363A1 (en) 2022-07-15 2023-07-14 A system for long term data archiving in the internet

Country Status (1)

Country Link
WO (1) WO2024013363A1 (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190342084A1 (en) * 2018-05-03 2019-11-07 International Business Machines Corporation Blockchain for on-chain management of off-chain storage


Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
BANDARA ERANGA ET AL: "Lekana - Blockchain Based Archive Storage for Large-Scale Cloud Systems", 15 September 2020, TOPICS IN CRYPTOLOGY - CT-RSA 2020 : THE CRYPTOGRAPHERS' TRACK AT THE RSA CONFERENCE 2020, SAN FRANCISCO, CA, USA, FEBRUARY 24-28, 2020, CORNELL UNIVERSITY LIBRARY, 201 OLIN LIBRARY CORNELL UNIVERSITY ITHACA, NY 14853, PAGE(S) 169 - 184, XP047561863 *

Similar Documents

Publication Publication Date Title
Dagher et al. Ancile: Privacy-preserving framework for access control and interoperability of electronic health records using blockchain technology
Konashevych General concept of real estate tokenization on blockchain: The right to choose
CN102687133B (en) Containerless data for trustworthy computing and data services
US11403414B2 (en) Method and system for secure storage of digital data
US7146644B2 (en) Data security system and method responsive to electronic attacks
US7140044B2 (en) Data security system and method for separation of user communities
CN102656589B (en) By the trust verified for data that wrapper is synthesized
US11048780B2 (en) Preventing fraud in digital content licensing and distribution using distributed ledgers
US20200159890A1 (en) Securely storing digital content using a distributed ledger
CN111079171A (en) Block chain-based medical data privacy protection method and storage medium
Bayle et al. When blockchain meets the right to be forgotten: technology versus law in the healthcare industry
CN102687132A (en) Trustworthy extensible markup language for trustworthy computing and data services
CN106131048A (en) A kind of non-trusted remote transaction file security for block chain stores system
CN110352413A (en) A kind of real data files access control method and system based on strategy
CA3016395A1 (en) Using geographically defined, private interplanetary file system clusters for the secure storage, retrieval and sharing of encrypted business data
Periasamy et al. Efficient hash function–based duplication detection algorithm for data Deduplication deduction and reduction
Kamboj et al. An exploratory analysis of blockchain: applications, security, and related issues
CN111191271B (en) Computer-implemented method, system and storage medium
JP2002135247A (en) Digital information storing method
El Khanboubi et al. A new data deletion scheme for a blockchain-based de-duplication system in the cloud
Rifqi et al. Smart blockchain technology in image processing between challenges, transformation and digital-based learning solutions
WO2024013363A1 (en) A system for long term data archiving in the internet
Bacciu et al. A Blockchain-based Application to Protect Minor Artworks.
KR20190115391A (en) Data management engine and data management method for a cube chain containing escrow blocks
Semwal et al. Blockchain graphs (BCGs) to support right-to-be-forgotten “RTBF” in blockchains

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23744100

Country of ref document: EP

Kind code of ref document: A1