Zero-knowledge servers

The essence of “zero-knowledge servers” is that they do not have knowledge of the structure and content of the data they store, send and receive. This means they are not able to use that data in any way, and neither are individuals and devices that have direct access to it.

Servers of this type are often part of client-server systems which use client-side encryption, where the server’s role is usually limited to storing encrypted content. Such servers can not have access to passwords (keys) required for deciphering the data.

In many business applications, however, there is an exception to the above rule, that is of the “total ignorance of servers”. Depending on the requirements, application servers may have knowledge about a particular part of the structure of data, which is used by the company.

This approach works well in projects prepared for companies which need communication or data sharing with existing applications. Another key factor that often influences decisions on which data must remain decrypted is the convenience of the users.