For many people, the biggest risk when using any of our best cloud storage and backup services is security: how do you know that your files will be safe? What happens when the authorities show up to your service’s offices with a warrant? Though these questions may not be a priority for everyone, does have a simple answer: use a zero-knowledge cloud service.

Zero-knowledge in this case means that no one besides you has the keys to your data, not even the service you’re storing your files with. Also known as private encryption, it is the ultimate way in which you can keep your data private, though it does come with a few downsides: most important of these is that if you lose your password, it is gone forever.

Though private encryption may not be for the faint of heart, if you do decide to opt for a zero-knowledge provider you can rest assured that no one will be able to ever access your data; just remember that you will belong to that group if you don’t remember your credentials. With that in mind, let’s take a look at some of the benefits of zero-knowledge encryption.

Zero-Knowledge Encryption: the Upside

Though many people don’t realize it, usually if you sign up for a service, any service, they keep a copy of your password somewhere. Though usually it is kept fairly safe, in theory someone can get to it. Though that kind of access is usually reserved for people too high up in the food chain to care about your holiday pics, it does present a risk if the company in question falls victim to cybercriminals or is presented with a warrant by law enforcement officials.

Providers that use private encryption solve this problem by not storing a copy of your password anywhere. Though the tech behind this can get complicated, what it boils down to is that rather than hand over the password, which is then verified by the service, you hand over the proof that you know the password. Again, the math gets tricky, but in practice it works just like any other provider: you type in your password and you get access.

The upshot of this is that even if a government agent shows up with a warrant, all they will get are encrypted files. While non-private encryption providers have to hand over files and their passwords, zero-knowledge services can’t give away customers’ password because they, well, have zero -knowledge. 

Do note, however, that if a cloud storage service offers zero-knowledge encryption, this does not automatically make them a secure cloud storage provider. There’s more to cloud security than simply hiding a password and if, say, their servers are badly encrypted, a cybercriminal or snooping NSA agent can just force their way in.

However, when done right, private encryption is the cherry atop the security cake that not only protects you from criminals, but also from government interference. Any of the selection of best zero-knowledge cloud services, for example, uses this tech in conjunction with all manner of encryption and other protocols to keep your data as safe as the bank.

Zero-Knowledge Encryption: The Downside

As nothing is perfect, private encryption brings with it a few downsides, the most important of which is that if you lose your password, it is gone. There is no retrieval possible, as the zero-knowledge service you’ve chosen only keeps the proof that you have the key, not the key itself. This means that if you’re even slightly scatterbrained, you need to avoid these services as you’ll only end up hating yourself when your data is stuck behind a digital wall with no way to get it back.

Besides the chaotic, the impatient may also want to avoid using zero-knowledge cloud services as they are usually quite a bit slower than less secure providers. This is actually not due to the private encryption itself, but rather because of all the other security measures used. SpiderOak, for instance, encrypts all your data on their servers as well as in transit, slowing down your up- and download considerably (for more information on this otherwise great service, check out our SpiderOak review).

Another downside is that using these super secure services means your user experience may sometimes suffer: though it is a particular favorite of ours, honesty compels us to admit that is less pleasant to use than other providers. Previewing pictures and documents, for instance, isn’t possible since its strong encryption prevents anything being loaded while in the cloud (for more information, make sure to check out our review).


As you can see, the massive upside of using a zero-knowledge cloud service comes with some downsides that may deter certain users. Though here at we feel that security and privacy should be paramount concerns for everyone, we also understand that others are less worried about whether or not a hacker can check out their amateur poetry or holiday snapshots stored in the cloud.

Sign up for our newsletter
to get the latest on new releases and more.

That said, if these downsides are the only reason standing in the way of you making the plunge, you should just go ahead: a password can be written on a well-hidden piece of paper, good planning means you’ll always have a few extra minutes to spare and previews are handy but not necessary if you name files in a smart way.

If you worry about the security of your files, going with any of our top providers, such as, SpiderOak or MEGA (we have a MEGA review if you want to know more), is the best way to go. Not only will you sleep easier, but, since most of them offer free plans, you’ll save on insurance, too (see our cloud services price comparison).

Hopefully this article has persuaded you to join the ranks of the security-conscious (in which case, maybe add one of our best VPN providers to the mix for that extra bit of anonymity); feel free to ask us any questions you may have in the comments below. Thank you for reading and stay safe.

Was this post helpful?

18 thoughts on “What Exactly is Zero-Knowledge in The Cloud and How Does it Work?”

  1. yes, please let me know which Free cloud storage sites have the ‘Zero Knowledge’ in place so that my data is safe from hackers. I was using the Free Microsoft One Drive for storing 1000 photos but don’t know if it is really safe. Microsoft let me know that i am already at 90% usage for the Free service but want me to pay. i also use Facebook for photos.

    1. Facebook is no place at all for storing photos. In order to save storage space, they compress the hell out of JPEG images and what you get back is far lower quality than the digital camera file that you uploaded.

  2. Well that was crazy informative! I pretty much knew the definitions already but this article was specific in pointing out the ups/downs. Thanks very much…

  3. You can have zero-knowledge with any cloud storage provider by manually encrypting everything before uploading to the cloud.

    1. That is what I started doing back in 1985. Today, I do both. I encrypt everything (into archive files) and then upload with a private encryption key. Like wearing two condoms.

  4. The bottleneck of network backup is always going to be the speed of the network. Any encryption or decryption process isn’t going to slow down a backup or restore at all unless something is very wrong with the service.

    Any backup service that doesn’t provide real zero-knowledge encryption presents a real risk to its customers, and therefore is not worth paying for.

  5. I think you’re all crazy even contemplating ANY form of online storage of your stuff! Especially business data. I say bring back the desktop PC and tower and store my stuff in my own house! It is no body’s business my mine, and even if they say they are no-knowledge and encrypted and all the rest, they can change that in an instant and you wouldn’t even know. Prepare to lose your business to a competitor when they figure out how to look at all your work!! Just sitting there, where you don’t have a clue who is looking at it. One thing is for sure; if it’s in that box on your desk in your office, you sure AS HELL know who is looking at it!! No one but you, right!? Where has the world lost it’s brains to.

    1. - Chief Editor

      Well, as explained in the article, that’s what zero-knowledge does: it makes it so that nobody but the person holding the keys can look at the encrypted data. As for the reason to store stuff in the cloud, we go over that in other pieces but what it boils down to is that it’s cheaper and more convenient that using the methods you advertise. But, to each their own, of course.

    2. The survivors of the Camp Fire in northern California would differ with your opinion. In many cases the fire was so intense and lasted so long that even the contents of “fire proof” safes in residences were turned to ash. Think about what that did to personal computers in the residence and businesses.

  6. I backup family photos and ~300 CDs of music on EZ-To-Share Dropbox (16 free gigs) and G-drive. Daily incremental changes to financial, tax, biz data go to a 2TB external drive, and at EOM all F-T-B files join past 23 Full Month BUs as well as recent music and pix.
    Also at end of every month all F-T-B data replaces prev month’s on 3 flash drives which are stored in multiple off site locations in case a commuter plane crashes into my basement as Colgan Air’s Flight 4703 did at a home a few miles from here in 2009.

  7. Is there a way to really, I mean REALLY, know and check that files I upload to zero knowledge cloud service are indeed encrypted and not readable with any other key but one stored at my device? Is there a zero knowledge test for zero knowledge based cloud services?

    1. - Chief Editor

      Good question. As far as I know, there’s no way to test it directly, so you can’t run a script or something. What we do, is upload something prohibited by the service (porn, usually, or pirated stuff) and see if we get a warning. That works relatively well. However, if anybody reading this knows a good way to test, let us know!

        1. - Chief Editor

          That whatever you uploaded goes against the T&C of the service. Which, in turn, means that the service has been snooping which shouldn’t be possible if the zero-knowledge is working as advertised.

  8. I’ve been researching this, but it’s a little complicated for me, so I’ll just ask the question, using as the example.

    I can accept that I install on my laptop and the decryption key stays on my laptop. Therefore, cannot decrypt my files and cannot give up the key to anyone. Yay!

    But then I install on my phone. How does the decryption key get from my laptop to my phone if doesn’t have it?

    1. - Chief Editor

      The key isn’t on your laptop, that would be very unsafe. Instead, the countersign for your key is kept by the service. The linked pieces in the article get into more detail.

Leave a Reply
Your email address will not be published. Required fields are marked *

Also interesting
BitTorrent Sync vs Cloud Storage
How to Encrypt Your Data for Cloud Storage
State-of-the-CloudNordSec: NordVPN Shelters Under a New Umbrella With a New Friend
How to Uninstall Microsoft Edge in 2020: Harder Than You’d Think
Most popular on Cloudwards
Cloud Storage ReviewsBest Free Cloud Storage for 2020
Dropbox vs Google Drive vs OnedriveDropbox vs Google Drive vs Onedrive: Comparing the Big Three in 2020
Best VPNs That Beat The Netflix VPN Ban in 2020
How to Unblock YouTube: Video Streaming for Everyone