Zero-Knowledge Encryption Explained

Written for buyers who are not cryptographers.

Zero-knowledge (in the product sense) means the operator of the service does not possess the secret that unlocks your data. For forms, the strongest version is: encrypt in the browser with keys the server never sees.

Public and private keys

Your browser creates a keypair. You share the public key so anyone can encrypt messages to you. The private key stays local. Cyphorm stores ciphertext produced with the public key—without the private key, it is not recoverable by us.

Why this beats “we encrypt at rest”

Disk encryption protects drives—but the application still decrypts data to show it to you. Whoever runs that application typically can access plaintext when needed. Zero-knowledge targets a different goal: the vendor should not be in that path at all.

Explore zero-knowledge forms at Cyphorm → · Can vendors read your data? →