Top Qs
Timeline
Chat
Perspective

Zero-knowledge service

From Wikipedia, the free encyclopedia

Remove ads

In cloud computing, the term zero-knowledge (or occasionally no-knowledge or zero access) is a commonly-used term for online services that store, transfer or manipulate data with a high level of confidentiality, where the data is only accessible to the data's owner (the client), and not to the service provider. However, unlike "end-to-end encryption", the term "zero-knowledge" does not imply any specific threat model or security notion, and its use is commonly frowned-upon by the security community.[1][2]

The term "zero-knowledge" was popularized by backup service SpiderOak, which later switched to using the term "no knowledge", acknowledging that the previous terminology was not technically accurate.[3]

Remove ads

Disadvantages

Most[citation needed] cloud storage services keep a copy of the client's password on their servers, allowing clients who have lost their passwords to retrieve and decrypt their data using alternative means of authentication; but since zero-knowledge services do not store copies of clients' passwords,[4] if a client loses their password then their data cannot be decrypted, making it practically unrecoverable.

Most[citation needed] cloud storage services are also able to furnish access requests from law enforcement agencies for similar reasons; zero-knowledge services, however, are unable to do so, since their systems are designed to make clients' data inaccessible without the client's explicit cooperation.

Remove ads

References

Loading content...
Loading related searches...

Wikiwand - on

Seamless Wikipedia browsing. On steroids.

Remove ads