Zero Knowledge Encryption Explained

Zero knowledge encryption is one of the most powerful concepts cryptographers have developed so far. The idea is that nobody but you is able to access your files in the cloud. Sounds simple enough, but is it? I am sure a lot of you have heard of this before, some of you never have, and some of you are here to find out more about it. Let’s apply the idea to a simple real-world case so that we all understand it better.


Building Zero Knowledge Encryption On An Example

For example, let’s take a heavily guarded mansion. Inside that mansion is a vault holding very important information on a random topic. For the purpose of the discussion, let us say that the vault can’t be broken into. You can’t pick the lock and you can’t blow the doors open. The only way to get in or out is by using keys.

In case there are 2 keys: one key is with the owner and the other key is with the guards in the mansion. If thieves wanted to get that information from the vault, they would first have to steal the key from the guards and then just open the vault.

In case there’s one key: the only key is with the owner, and the owner is not in the mansion. Even if thieves were already in the mansion, there’s no way they could open that vault, no matter what.

Now let us try to translate that case into a cloud service platform.


Translating Zero Knowledge Encryption To A Cloud Service

The case with 2 keys represents cloud services that are not built on a zero knowledge platform. Cloud services like that might encrypt and protect your files; however, they hold the keys to your files as well. Your files can be accessed by people who have high authority in that company. If there’s a breach in the system, either by a hacker or an insider, they can just steal the keys and have access to your information (just like with the vault).

The case with one key represents cloud services built on a zero knowledge platform. Since the cloud company doesn’t have the keys to your files, there’s no way that your files can get compromised. Even if there’s a security breach, your files will stay safe since you’re the only one who can open them. That’s the beauty of this system. You have full control of your files.
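
The one-key case above, as an added example (not code from this article or from any of the providers it reviews): the client derives the key from a password and encrypts before upload, so the provider's storage holds only a salt, nonce, tag and ciphertext. The function names, the in-memory `providerStore` and the choice of scrypt with AES-256-GCM from Node's built-in `crypto` module are assumptions made for the illustration.

```javascript
// Added illustration: client-side encryption, so the provider never sees a key.
const { scryptSync, randomBytes, createCipheriv, createDecipheriv } = require("node:crypto");

// Derive a 256-bit key from the password (scrypt, Node's default cost). Client only.
function deriveKey(password, salt) {
  return scryptSync(password, salt, 32);
}

// Encrypt on the client; the returned record is all the provider ever receives.
function encryptForUpload(password, plaintext) {
  const salt = randomBytes(16);
  const iv = randomBytes(12); // 96-bit nonce, fresh for every encryption
  const cipher = createCipheriv("aes-256-gcm", deriveKey(password, salt), iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return { salt, iv, tag: cipher.getAuthTag(), ciphertext };
}

// Decrypt on the client. A wrong password or an altered record fails the GCM
// tag check, and there is no other copy of the key to fall back on.
function decryptAfterDownload(password, record) {
  const decipher = createDecipheriv("aes-256-gcm", deriveKey(password, record.salt), record.iv);
  decipher.setAuthTag(record.tag);
  try {
    return Buffer.concat([decipher.update(record.ciphertext), decipher.final()]).toString("utf8");
  } catch {
    return null;
  }
}

// Hypothetical stand-in for the provider's database: records only, never keys.
const providerStore = new Map();
function upload(name, password, plaintext) {
  providerStore.set(name, encryptForUpload(password, plaintext));
}

// What a copy of the provider's storage contains after a breach.
function breachDump() {
  return [...providerStore.values()];
}

// Constructed sample data.
upload("notes.txt", "correct horse battery staple", "contents of the vault");
const leaked = breachDump()[0];
console.log(Object.keys(leaked));
console.log(decryptAfterDownload("not the password", leaked));
console.log(decryptAfterDownload("correct horse battery staple", leaked));
```

The leaked record is only as strong as the password behind it, which is why the key derivation step is deliberately slow; a forgotten password leaves the same record permanently unreadable to its owner too.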


Importance of Zero Knowledge Encryption

No matter how well internet services protected their servers and files in the past, breaches happened anyway, which resulted in major exposure of people’s files. According to www.gemalto.com, in 2015 alone there were 1,673 breaches, which resulted in 707,509,815 records breached in total.

The files that were lost or exposed included photos, videos, and private and business information like credit card numbers, phone numbers, addresses, various legal documents and so on.

A few honourable mentions:

  1. Anthem Insurance – This U.S. based health insurance company was attacked in January 2015. The attackers were aiming for people’s private information, which resulted in a theft of 78.8 million records, making it the largest data breach of the year.
  2. General Directorate of Population and Citizenship Affairs – The attackers went for the Turkish government agency this time. The attack was branded as a major identity theft, resulting in 50 million records exposed.
  3. Korea Pharmaceutical Information Center – The South Korean company that makes pharmacy management software was also attacked. Another identity theft breach, which resulted in the exposure of 43 million records.

Companies and agencies that were supposed to be well protected have been breached. What would have happened if they had been built on zero knowledge encryption? The hackers would get nothing from it.


Best cloud services that use Zero Knowledge Encryption


Sync.com: 4.6/5

  • Pricing & plans: 9.5/10
  • Ease of use: 9.0/10
  • File syncing: 9.0/10
  • File sharing: 9.5/10
  • Retrieving files: 9.5/10
  • Security: 10.0/10
  • Support: 8.0/10
  • Additional features: 8.5/10

PROS

  • Zero-Knowledge platform
  • Not subject to US Patriot Act
  • Client-side encryption
  • 30-day money back guarantee
  • Easy to use, modern platform
  • Great syncing, sharing and file retrieving options
  • Unlimited bandwidth

CONS

  • No live chat/phone support for individuals

Sync uses a “Zero Knowledge” platform which guarantees your privacy by encrypting and decrypting your data client-side. Moreover, the encryption keys that are used to encrypt your files aren’t in the hands of Sync, but only in yours. Even the password to your account is unknown to them.

Read the Sync.com review here.


Icedrive: 4.5/5

  • Pricing & plans: 9.8/10
  • Ease of use: 9.1/10
  • File syncing: 9.0/10
  • File sharing: 8.4/10
  • Retrieving files: 9.8/10
  • Security: 9.5/10
  • Support: 7.5/10
  • Additional features: 8.5/10

PROS

  • Great pricing options
  • Interesting lifetime plans
  • Modern and minimalistic user interface
  • Twofish client-side encryption
  • Responsive support
  • Great Android & iOS mobile applications
  • Two-factor authentication
  • Crypto payments on lifetime plans

CONS

  • No selective sync
  • No block-level sync

Icedrive provides client-side encryption in its base service and applies it to all of the files stored in the cloud, which ensures complete zero-knowledge privacy. They use the Twofish cipher instead of AES, which makes them unique in the space.

Read the Icedrive review here.


Cubbit: 4.5/5

  • Pricing & plans: 8.5/10
  • Ease of use: 9.0/10
  • File syncing: 9.5/10
  • File sharing: 6.0/10
  • Security: 9.5/10
  • Support: 9.0/10

PROS

  • Distributed secure cloud storage
  • One-time payment cloud storage
  • Expandable cloud storage with hard drives
  • Aims to reduce the CO2 imprint
  • Easy to set up and use
  • Up to 4 Cubbit accounts with one cell
  • Zero knowledge privacy
  • Client-side encryption
  • Extensive support options

CONS

  • Many of the features are still in development
  • Limited advanced sharing capabilities
  • No trash bin or file versioning
  • No mobile applications (on roadmap)

Cubbit is a unique beast on this list due to the way it provides cloud storage to its users: through a distributed network of cells all across the world, which are in the hands of (you guessed it) users. Data is split into chunks and encrypted before being uploaded to a number of cells, which ensures the zero-knowledge privacy that prevents anyone from viewing your files.

Read the Cubbit review here.


Mega: 4.2/5

  • Pricing & plans: 8.5/10
  • Ease of use: 9.0/10
  • File syncing: 8.5/10
  • File sharing: 8.5/10
  • Retrieving files: 8.0/10
  • Security: 9.4/10
  • Support: 7.5/10
  • Additional features: 8.5/10

PROS

  • Free 15 GB of storage
  • Excellent security & client-side encryption
  • Well made sync client
  • Useful mobile application
  • Allows FTP connection

CONS

  • Slow speeds at peak hours
  • Limited support options

Mega is known for its good security protocol. It uses AES encryption to secure files. In addition to that, they don’t keep any of your passwords or master keys; only you have access to them. The only way to recover your lost password is with the master key, which you receive upon registration. This makes Mega one of the more secure cloud services on the market.

Read the Mega review here.


pCloud: 4.6/5

  • Pricing & plans: 10.0/10
  • Ease of use: 9.0/10
  • File syncing: 10.0/10
  • File sharing: 8.5/10
  • Retrieving files: 8.5/10
  • Security: 9.5/10
  • Support: 8.5/10
  • Additional features: 9.0/10

PROS

  • Up to 10 GB of free storage
  • Amazing syncing solutions
  • Unlimited transfer speeds
  • Easy to use
  • Unlimited file sizes
  • Client-side encryption
  • Innovative lifetime plans
  • US & EU Servers
  • Desktop folder backup included

CONS

  • No client-side encryption in the free plan
  • No dedicated live chat/phone support

pCloud utilizes the so-called Crypto Folder, to which you can upload your files. Those files are then encrypted by you and only you have access to them. No one, not even pCloud’s administrators, will have access to your content. You also have to keep in mind that if you ever forget the password to your Crypto Folder, all of your files will be lost, since there’s no way to open the folder without it. pCloud also offers lifetime cloud storage plans.

Read the pCloud review here.



Tresorit: 4.2/5

  • Pricing & plans: 4.5/10
  • Ease of use: 8.5/10
  • File syncing: 9.5/10
  • File sharing: 9.5/10
  • Retrieving files: 9.0/10
  • Security: 9.4/10
  • Support: 9.0/10
  • Additional features: 8.5/10

PROS

  • 14-day trial of paid plans
  • Swiss privacy laws & Client-side encryption
  • Amazing down/upload speeds
  • Good sharing options
  • Well made applications
  • Great organisation of your files

CONS

  • Limited free storage
  • Quite expensive

Tresorit also offers excellent security through its zero-knowledge privacy but it comes with a high cost for anyone that wants additional storage. On top of that, the free storage that they do offer is very limited in terms of features that are necessary for cloud storage to be usable and increase productivity. But if you don’t mind paying a bit more, Tresorit is definitely a viable choice.

Read the Tresorit review here.



What do you think about zero knowledge encryption? Share your opinion in the comment section down below!

5 thoughts on “Zero Knowledge Encryption Explained”

  1. The reason why non-zero-knowledge-encryption services still exist is very simple. A “common sense” is that zero-knowledge-encryption conflicts with cross-users-data-deduplication, so big players, which require data deduplication to reduce their cost, sacrifice zero-knowledge-encryption.
    However, there is a technology called TruPrivacy that can combine both of them perfectly. TruPrivacy breaks the “common sense”: you can get the security from zero-knowledge-encryption and low cost from data deduplication at the same time.
    However, most cloud service providers like Dropbox/Google don’t need TruPrivacy. They want to scan users’ data to get more business opportunities.

  2. Hi Dejan, I had no idea about “zero knowledge encryption”, thanks for the explanation. So I have 2 questions…

    (1) If anyone ever wants a cloud storage, would you say they should always go for a zero-knowledge one? Why should “non-zero knowledge” storage services still exist?

    (2) If you are the only owner of the information (for example the key to the mansion)…if you’ve lost the key, what happens? Is it something like “reset password” so that only you can access?

    Thanks for the advice!
    Ray

    1. Dejan Administrator

      Hello Ray,

      Good questions!

      If you’re searching for a cloud storage I would most certainly advise you to pick one that is based on a “zero-knowledge” principle. As pointed out in the post, this is the highest form of privacy that you can have on any cloud storage. Why do non-zero knowledge services still exist? It’s very simple. This form of privacy is still kind of new (a few years). Any older cloud storage like Dropbox or Google Drive simply didn’t have the need for this kind of a system back then, when it was created. And it would be nearly impossible to switch the system now.

      It’s all about supply and demand. As you may have heard cloud storages have been compromised by hackers in the past (Dropbox) which created the need for a more secure system – Zero knowledge. It wasn’t there at the start because the audience didn’t demand it and now it’s too late to change.

      In case you lose the password, it varies from storage to storage on how you can retrieve it, if you can retrieve it at all. For example, with pCloud Crypto, if you lose the password there is no way of retrieving it and all the files will stay locked. This is good from a security standpoint but not so good if you actually lose it.

      Anyways, it’s been fun answering your questions and if you have any more feel free to ask!

      Dejan

  3. Thanks for this article on zero knowledge encryption. Now I know what it is, why it’s important, and which sites use it. My only question is, what is the difference between zero knowledge encryption and other types of encryption? I have my cloud storage service with Google. I wonder what kind of encryption they use.

    1. Dejan Administrator

      Hello Brett,

      The difference between zero-knowledge encryption (client-side) and other types like end-to-end encryption is that the first one is far more secure. Your files are encrypted by you and only you can open them, not even the cloud storage administrators. Check this link – End-To-End Encryption vs Client-Side Encryption – Learn More Today. Google Drive does not use client-side encryption (zero knowledge). If you would like to make your files more secure, you should consider encrypting your files yourself or transferring to one of these cloud storages that do use it.

      Hopefully that answers your question.

      Dejan
