SaferDrop

What is zero-knowledge (and why it matters for file sharing)?

When a service literally cannot read your data because it never holds the key — what that means in practice, and how to spot it.

A zero-knowledge service is one that is designed so it cannot read your data — not because it promises not to, but because it never holds the key needed to decrypt it. The privacy guarantee comes from the architecture, not from trust.

Zero-knowledge, defined

“Zero-knowledge” means the provider has zero knowledge of your content. Your data is encrypted with a key that lives only on your devices; the service handles only ciphertext. Even under a legal request or a server breach, there is nothing readable to hand over.

Zero-knowledge vs “we promise not to look”

Many services say they value your privacy — but if they could read your data, you're relying on a policy, not a guarantee. A policy can change, be misread by an employee, or be overridden by a court order. Zero-knowledge removes that dependency: the provider literally can't look, so the promise is enforced by math instead of goodwill.

How a zero-knowledge transfer works

  1. The encryption key is generated and kept in your browser.
  2. The part of the key carried in the link sits in the URL fragment (after #), which browsers never transmit to a server.
  3. A second secret — a PIN — is shared out of band (a separate channel), so the server never sees the full key.
  4. Only the sender and recipient can combine these to decrypt the file.

How to tell if a tool is really zero-knowledge

  • Where does the key live? If it ever reaches the provider's servers, it isn't zero-knowledge.
  • Can support recover your data? If yes, they hold the key. Genuine zero-knowledge means lost key = lost data.
  • Is the design explained openly? Zero-knowledge tools tend to document exactly how keys are handled.

Zero-knowledge in SaferDrop

SaferDrop is built to be zero-knowledge: each transfer's key is derived in your browser from a secret in the link fragment plus a PIN you share separately. Our servers only help the two browsers connect — they never receive the key, the file, or the file name. See what end-to-end encryption is for the underlying technique, or how SaferDrop works.

Frequently asked questions

Is zero-knowledge the same as end-to-end encryption?

They're related but not identical. End-to-end encryption is the technique (only the endpoints can decrypt). Zero-knowledge is the property that the service is built so it never holds the key and therefore cannot read your data at all. Good E2EE tools are zero-knowledge.

If I lose the link or PIN, can support recover my file?

No — and that's the proof it's genuinely zero-knowledge. If a provider could recover your data, it would mean they hold the key. With SaferDrop, losing the link or PIN means no one (including us) can decrypt the transfer.

Does zero-knowledge mean the service stores nothing about me?

Zero-knowledge is specifically about not being able to read your content. A service can be zero-knowledge while still holding minimal account or billing data. The point is that your files and their contents stay unreadable to the provider.

Send a file securely in seconds.

End-to-end encrypted, browser to browser, never stored. No account needed to receive.

Send a File