Use Merkle-tree-based storage

Why?

Backups can be authenticated as whole, not just individual VMs (at best).
Atomicity: When computer crashes during backup, partial backup does not cause problems.
It can obscure what file belongs to what VM. (But data usage patterns can still leak it, at least to some degree.)
Allows buffering volumes. (Better performance, can potentially obscure data access patterns when upload is reordered.)
Allow some data checks on remote. It can check hashes, because they are keys.

Rather a simple key-value interface:

get/set KDF params (operates with unauthenticated plaintext and simple KDF params format)
getRoot – returns signed root with timestamp
setRoot (or maybe compareAndSetRoot) – atomically stores a new signed root
getBlob – returns an encrypted blob by ciphertext hash
putBlob – uploads a new blob
deleteBlob – removes blob

The interface should be very similar to BackupStorageVM<->dom0, but dom0 has to verify the permissions and maybe handle encryption.

Directory structure would be implemented on top of the mentioned key-value storage as Merkle tree.

[ ] How to handle permissions to particular files without leaking any data?
[ ] How to buffer files in the target VM without leaking any data when maliciously modified? (When buffering, one has to send unauthenticated chunks.) Do we want this at all?
[ ] How to handle garbage collection? Maybe it will require parsing and traversing directory structure in dom0. OTOH, it should be a rather simple format.
[ ] When user removes a VM and creates a VM with the same name, should they be related in any way?