Zero Knowledge Encryption
Zero knowledge encryption is one of the most powerful concepts cryptographers have developed so far. Nobody but yourself is able to access the files in the cloud. Sounds simple enough, but is it? Well, I am sure a lot of you have heard of this before, some of you never and some of you are here to find out more about it. Let’s apply these words to a simple case in the real world. That way we’ll all understand it better.
Building Zero Knowledge Encryption On An Example
For example, let’s take a heavily guarded mansion. Inside that heavily guarded mansion is a vault with very important information on a random topic. For the purpose of the discussion, let us say that the vault can’t be broken in. You can’t picklock it and you can’t blow the doors open. The only way to get in or out is by using keys.
In case there are 2 keys: One key is with the owner and the other key is with the guards in the mansion. If thieves wanted to get that information from the vault they would first have to steal the key from the guards and then just open the vault.
In case there’s one key: The only key is with the owner and owner is not in the mansion. If thieves were already in the mansion there’s no way that they could have opened that vault, no matter what.
Now let us try to translate that case into a cloud service platform.
Translating Zero Knowledge Encryption To A Cloud Service
The case where there were 2 keys would represent cloud services with no zero knowledge platform. Cloud services like that might encrypt and protect your files, however, they own the keys to your files as well. Your files can be accessed by people that have high authority in that company. If there’s a breach in the system, either by a hacker or an insider, they can just steal the keys and have access to your information(just like with the vault).
And the case with one key would represent the cloud services with a zero knowledge platform. Since the cloud company doesn’t have the keys to your files there’s no way that your files can get compromised. Even if there’s a security breach your files will stay safe since you’re the only one that can open them. That’s the beauty of this system. You have full control of your files.
Importance of Zero Knowledge Encryption
No matter how good internet services protected their servers and files in the past, a breach happened anyways, which resulted in a major exposure of people’s files. According to www.gemalto.com, only in the year of 2015, there were 1,673 breaches which resulted in 707,509,815 records breached in total.
The files that were lost or either exposed included: photos, videos, private and business information like credit cards numbers, phone numbers, addresses, various legal documents and so on.
A few honourable mentions:
- Anthem Insurance – This U.S. based health insurance company was attacked in January 2015. The attackers were aiming for people’s private information, which resulted in a theft of 78.8 million records, making it the largest data breach of the year.
- General Directorate of Population and Citizenship Affairs – The attackers went for the Turkish government agency this time. The attack was branded as a major identity theft, resulting in 50 million records exposed.
- Korea Pharmaceutical Information Center – The South Korean company that makes pharmacy management software was also attacked. Another identity theft breach, which resulted in the exposure of 43 million records.
Companies and agencies that were supposed to be well protected have been breached. What would have happened if they were based off a Zero knowledge encryption? The hackers would get nothing from it.
Best cloud services that use the Zero Knowledge Encryption
pCloud$4.99/month 500 GB
Pricing & Plans10.0/10
Ease of Use9.0/10
- Up to 10 GB of free storage
- Amazing sycing solutions
- Unlimited transfer speeds
- Easy to use
- Unlimited file sizes
- Client-side encryption
- Innovative lifetime plans
- US & EU Servers
- No client-side encryption in the free plan
- No dedicated live chat/phone support
pCloud utilises the so-called Crypto Folder to which you can upload your files. Those files are then encrypted by you and only you have access to them. No one, even pCloud’s administrators, will have access to your content. You also have to keep in mind that if you ever forget the password to your Crypto folder all of your files will be lost, since there’s no way to open the folder without it. pCloud also offers lifetime cloud storage plans.
Read the pCloud review here.
Sync.com$8/month 2000 GB
Pricing & Plans9.5/10
Ease of Use9.0/10
- Zero-Knowledge platform
- Not subject to US Patriot Act
- Client-side encryption
- 30-day money back guarantee
- Easy to use, modern platform
- Great syncing, sharing and file retrieving options
- Unlimited bandwidth
- No live chat/phone support
- No linux client
Sync uses “Zero Knowledge” platform which guarantees your privacy by encrypting and decrypting your data client-side. Moreover, the encryption keys that are used to encrypt your files aren’t in the hands of Sync, but only you. Even the password to your account is unknown to them.
Read the Sync.com review here.
MEGA€4.99/month 400 GB
Pricing & Plans8.5/10
Ease of Use9.0/10
- Free 15 GB of storage
- Excellent security & client-side encryption
- Well made sync client
- Useful mobile application
- Allows FTP connection
- Slightly expensive
- Slow speeds at peak hours
- Limited support options
Mega is known for its good security protocol. It uses AES encryption to secure files. In addition to that, they don’t keep any of your passwords or master keys, only you have access to them. The only way to recover your lost password is with the master key which you receive upon registration. This makes Mega one of the more secure cloud services on the market.
Read the Mega review here.
What do you think about zero knowledge encryption? Share your opinion in the comment section down below!