I am sure you’ve heard the term client-side encryption or ‘zero-knowledge’
But maybe are not familiar with what it really means, or how it works. Well, today is the day my friend. This blog post is meant to run you through the basics of client-side encryption and get you better informed on what measures are available in terms of securing your data. Let us address some FAQ :
1.What is client-side encryption (CSE)?
CSE is a security and privacy measure to keep data safe; it is a technique that uses cryptography to encrypt files before they leave your computer to any other destination. Usually, the key to decrypt the files is stored on the client’s computer. Some common CSE algorithms are: ‘RSA’ or ‘AES’.
2.What is the benefit to having the key client-side?
The key contains the information used to decrypt your data. When keys are stored on the client’s side you are the only one that has the capability to access your data.
3. Can my data be handed over in a court of law if I use client-side encryption?
In the United States, your computer cannot be decrypted on the basis of the Fifth Amendment. Canada however, does have a key disclosure law in place. The same way your house can be searched with a warrant or assistant order on the basis of probable cause, your data could be subject to search and seizure in certain situations. For more information on this visit (http://en.wikipedia.org/wiki/Key_disclosure_law)
4. What happens if I lose my password?
If a service provider is offering true CSE, there is no way the password could be retrieved. This is due to the fact that your service provider never knew the password and never had the access key in the first place. It is imperative to have these items backed up on your own system.
5. Does the type of computer I am using affect client side encryption?
Most computers built within the last decade will have no issue with performing CSE. The question becomes whether or not your computer itself is secure. CSE is only one piece of the puzzle and it only makes sense in the context of the whole picture. As long as you have taken proper measures to secure your computer, CSE effectiveness will remain uniform across different machines.
6. Does CSE work the same on my phone?
In the same vein as the question above, almost all ‘Smart Phones’ will have the computational power to perform CSE. The same technology that secures your HTTPS connection on your mobile phone will encrypt your files. However, the same limitation of security applies to phones. CSE will only be effective if you have taken steps to secure your device; otherwise, your data can still be read by anyone after the confidential files have been opened.
7. Are there any downfalls to using client-side encryption?
Key management is one place where the whole system has the potential to break down. Besides the possibility of forgetting your passwords, there can be a potential risk in the storage of access keys. When individuals do not take steps to make sure their keys are secure, their data can become vulnerable to a breach because they become exposed.
Thanks for reading along; this has been a brief run through of client side encryption. For any other questions, just email us at firstname.lastname@example.org.