How Does Zero-Knowledge Encryption Work with Cloud Storage
Storing your data on the cloud is undoubtedly convenient – but it comes with its fair share of security concerns.
Your service provider has access to your data when you use a cloud storage service. So, what happens if that data is leaked or hacked?
The question plagues even the most reputable cloud storage providers. The best answer, for now, is zero-knowledge encryption.
Select a cloud storage service that utilizes zero-knowledge encryption for the absolute best online security and protection for your valuable files.
Here’s what you need to know about zero-knowledge encryption, including what it is, how it works, which providers offer it, and who needs it most.
What is Zero-Knowledge Encryption?
Zero-knowledge encryption is a pretty simple and straightforward idea to understand.
Simply put, your cloud storage provider never stores your username or password, not even on their own servers.
This lack of password storage might seem unimportant to those unfamiliar with Internet privacy and security at first.
Yet an increase in not only government surveillance of the Internet, but also a rise in the number of hackers, means that online security is more important than ever before.
Because the cloud storage provider doesn’t store your passwords on their servers, you must do all the work yourself.
They store the information related to your account in such a way that they can’t access it or open it, even if they tried.
You must enter all the information needed to access your data. There’s no way for the cloud storage provider to record the information you provide while logging in.
A good example is the “remember me” option you see while logging into some services.
Offering this feature requires the service to keep your login information in a cache. Those that provide such an option do not also offer zero-knowledge encryption.
There’s no way for the service to store this information without having access to your passwords and other login information.
How Does Zero-Knowledge Encryption Work?
Most online services, including traditional cloud storage providers, retain user login information.
This information is exactly what allows them to offer the abovementioned “remember me” feature that allows you to re-enter the service without typing your username and password each time you visit.
These traditional providers often place a sync folder on your hard drive as well. Most of the time this sync folder isn’t encrypted.
In addition to this sync folder, most traditional providers also place a cookie (or sometimes a meta tag) on your hard drive.
Finally, these traditional providers usually give users a way to enter their account if they lose or forget their password information.
Recovering your account information is typically done with a question/answer set up. You enter your pre-selected answer to a pre-selected question, and you can reset your login credentials.
Naturally, the way these traditional providers go about business leaves the door wide open to advanced hackers and others that want to access your information.
One of the most common ways hackers do this is by resetting the passkey saved to the provider’s server so they can then reset your login information.
Not only does this give them intimate access to the files you have stored with the cloud storage service, but it also enables the hacker to restrict you from accessing them yourself.
Zero-knowledge providers do away with these weak points. Not only are your files protected by encryption, but your login information is also completely in your hands.
You have complete control over your username and password. Additional infrastructure gives you complete privacy and secrecy.
These zero-knowledge providers keep no trace of your information, meta tags, or cookies.
Unfortunately, zero-knowledge encryption does come with a downside. If you forget your login information, there’s no way to access your account. You can’t recover the data protected within.
Of course, most people that choose a zero-knowledge provider over a traditional provider are well aware of this slight risk.
They prefer to be in complete control of their information because it’s the best protection currently available against internal and external hacking.
Who Offers Zero-Knowledge Encryption?
Like we’ve mentioned several times already, not all cloud storage providers offer zero-knowledge encryption.
In fact, most cloud storage providers don’t offer it. They offer users convenience (from not entering their username and password with each use) in favor of security.
Even more surprising is that some cloud storage providers don’t even offer adequate encryption (or any encryption at all) on their files. People with good enough hacking skills can easily access the stored files.
So, which cloud storage providers do offer zero-knowledge encryption? A few of the most popular include:
- Sync – Files are encrypted before leaving your computer. No user login information is ever stored. Information is still protected during a breach.
- SpiderOak – Login information is never stored on servers. All files are encrypted.
- pCloud – Encrypts files on your computer before they’re sent to the server. No login information is stored for zero-knowledge.
- Tresorit – Encrypts files and doesn’t store login information. A bonus is single-click syncing and backup.
- Mega – Offers complete encryption as well as encrypted sharing of files. Doesn’t store login information.
With the popularity of zero-knowledge encryption on the rise, and the threat of hacking increasing, more and more providers are starting to offer the security feature.
We believe that the majority of cloud storage providers, as well as companies offering other online services, will offer zero-knowledge encryption shortly.
You don’t want to be caught using a cloud storage service that doesn’t offer zero-knowledge encryption if your files are sensitive.
Even if the provider you’re using is extremely trustworthy, there’s no reason to risk your login credentials (and thus your data) falling into the hands of hackers.
Zero-knowledge encryption is currently your best bet against hacking. And since cloud providers are often targeted by hackers, we strongly recommend seeking a service that offers this feature.
Even if your privacy needs don’t justify such a high level of security, the affordable price of many of these services makes selecting zero-knowledge encryption a no brainer.