Why you need to know about zero knowledge end-to-end encryption to protect your data, your privacy and ensure your online safety, explained using...
Lock your digital front door with zero knowledge encryption
So what is zero knowledge encryption?
It's easy to explain encryption: Encryption is the tool that makes it very difficult for messages to be read by hackers (or even curious colleagues). If you want to be truly safe, lock your digital front door with an encryption key and you're set!
However, not all encryption is made equally, which is where ‘zero knowledge’ comes in: no one will have any knowledge (of your encryption keys). We're going to talk you through how you can ensure your encryption keys remain in your possession only!
Let's imagine that a burglar is trying to break into your home. Your home alarm will go blaring when someone cracks the door open without cracking your security code.
The people with access to your code are you and the company that sold you your home security system. To get the security code from the security company, you have to answer the security question you and the company agreed on.
Now imagine that your thief has gotten the answer to your security question and calls your security company to get the code.
That's what encryption without ‘zero knowledge’ is. People who have no business reading your emails have gained access to your encryption keys, in this case your security code. Maybe your thief is the government who can call up your security company to demand the code, or maybe your thief works for your security company.
Zero knowledge encryption ensures that only you have access to the encryption keys. Well, you and your (authorized) recipient of course. This is because these encryption keys are stored separately from the cloud your emails and files are kept in. Not even your (email) security company has access to them!
Even if an unauthorized party gains access to your sent messages, all they will see is the encrypted message. In other words: The thief can see into your living room, but can't get in.
Click here to learn all about encryption.
Great! But why do I need zero knowledge encryption ?
There are several great reasons to start using zero knowledge encryption, especially if you want to send your emails securely.
- The number one reason: it's simply much safer. Not only does zero knowledge encryption protect your organization's data, but it also serves to protect the privacy-sensitive data of your customers, business relations and employees. This should be a business standard to keep everyone safe.
- Ever wanted the government to snoop through your personal info? Of course you don't. But that's exactly what the US CLOUD Act allows American governments to do: They can request your data if it's hosted on a US-based cloud service. Zero knowledge encryption protects you from the US CLOUD Act. As you can imagine, the CLOUD Act is also in direct violation of the GDPR.
So what can you do? By using zero knowledge encryption, the cloud provider can only release encrypted, unreadable data. You're the one who holds the encryption key to unlock the information. There: You're GDPR-compliant and thwarted the iron fist of the authorities!
Wanna know all about the CLOUD Act? Read it here.
- Last but not least : Zero knowledge encryption protects you against potential hackers. Even if a hacker succeeds in cracking your emails wide-open, they'll only be able to see the unreadable data. You're the one who holds the key, after all.
Now if your encryption keys were stored together with your encrypted message, in a cloud for example, we dare say that your burglar may as well ring your doorbell to let themselves in.
Are end-to-end and zero knowledge encryption the same thing?
Nope, but they complement each other. End-to-end encryption makes sure that your data is encrypted when it is sent (encryption in transit) as well as when it is stored (encryption at rest). Many major email clients use end-to-end encryption to ensure secure emailing. Rest assured that your email is unreadable when you send it out.
Now that we're on the topic of end-to-end encryption though... It simply doesn't provide the full range of protection you're looking for. It's sensitive to hackers, cannot withstand the American authorities, and simply put isn't safe enough. If third parties get ahold of your encryption keys, they can simply decode your email.
In order to keep our customers safe, SmartLockr uses end-to-end encryption with zero knowledge.
Additionally, we also send your emails through TLS 1.3 encrypted channels. This means that:
- Only you have access to your encryption keys (not even us!).
- Your emails and files are encrypted from end to end.
- Finally, the channel through which you send your emails is encrypted .
Want to learn more about encryption and how it protects you from the invasive CLOUD Act? Download our whitepaper "Is it safe to store data in a US-based Cloud provider?" to learn everything you need to know about Schrems II, Privacy Shield, encryption and the CLOUD Act. Just click the button below!