What does zero-knowledge encryption mean?
Zero knowledge, or a no-logs policy, means that every bit of information is treated with complete confidentiality. The company provides the software or service, but all the data remains on the user’s side.
In encryption, zero-knowledge means that data is secured with a unique user key, which the app developer does not know. With zero-knowledge encryption, no one but the user can access their encrypted files.
What is zero-knowledge proof?
When you upload your files to NordLocker Cloud, you alone know what’s in them. But then if you edit or delete any of them, how do we know what to change without knowing what you uploaded? A concept known as zero-knowledge proof can help us answer this question. In other words, it helps clarify how you can prove you know something confidential without revealing any of the information. Or in our case, how we can make changes to your files without knowing what’s in them.
Imagine someone holding two different-colored balls in front of you. Let’s say the green ball is in the left hand and the red ball is in the right one. You close your eyes and when you open them, the green ball is now in the right hand, and the red is in the left. You can confirm they’ve been switched without revealing any more information.
This example may sound basic, but the key here is repetition. You may guess the balls correctly the first or second time. But repeat the exercise a thousand times and only someone who knows will be able to answer correctly every single time.
Can zero-knowledge encryption work in the cloud?
Most users of encryption apps understand that it’s much easier to protect your privacy if you stay offline. However, zero-knowledge encryption can work even in the cloud. Unlike cloud storage providers that track everything you upload, NordLocker deals with encrypted data only.
How does zero-knowledge encryption work in the cloud?
Every time you drop a file into NordLocker, complex mathematical algorithms and ciphers scramble that data. It can only be unlocked with a secret key, one that only you know. You also get to choose if and when to upload files to the cloud for easy access and when to remove them. Whatever is uploaded to the cloud has already been encrypted with your key, so that data remains confidential and protected from hackers, data collection, or surveillance.
The benefits and drawbacks of encryption
Zero-knowledge architecture is generally viewed positively. And not just for the user’s sake. A business that handles data this way is safer because it can’t accidentally expose user data. If all passwords and files are end-to-end encrypted, hackers can’t steal them. And even if hackers do get into the server, they won't be able to decrypt any data. It’s much easier for a business to protect its reputation, prevent ransomware attacks, and comply with privacy laws when it uses zero-knowledge encryption.
Of course, most benefits focus on the user. Zero-knowledge policies help them keep their privacy and stay secure online even if they don’t understand the complexities of end-to-end encryption or zero-knowledge architecture. However, many companies employ user data to build new or improve old features. Privacy-focused companies, on the other hand, don’t have this luxury and may need more time developing features.
How does NordLocker use zero-knowledge encryption?
We aim to help you become the owner of your data. This means that nobody, even us, is able to peek into your files without your permission. We don’t store master passwords or recovery keys or collect data. Your files, whether you store them locally or on NordLocker Cloud, are encrypted on your device with a key that’s derived from your master password.
How is this different from the mainstream cloud providers? Traditionally, they hold the keys, so they can authenticate you and help you handle your data. But this can lead to data leaks, password breaches, and sometimes even shady marketing practices. Since zero-knowledge focuses on user privacy, there is none of that with more secure services.
What does zero-knowledge encryption mean to you?
Zero-knowledge encryption helps you protect your privacy. As we stated earlier, only you have access to your files. No one else, including NordLocker, knows what you encrypt and store on your computer or in your NordLocker cloud storage. Even if our servers were breached, hackers wouldn’t get away with much because you hold the encryption key.
Anyone who uses encryption must remember one important thing. Companies that collect data know your name, email, password, and much more. That’s how they can help you if you ever forget your password or delete a file. But zero-knowledge encryption is also about security. The master password you created and the auto-generated recovery key are the only ways to get to your files. If you forget your master password and don’t have your recovery key, you could potentially lose your files too.