• The questions

    Are you using hosted services to store your company's data?
    Do you have any idea how much companies like Google, Microsoft or Yahoo knows about you?
    Are your conversations on the web indeed private?
    What about personal online finance managers? How secure is your data stored?

  • The issue

    Online applications are a very convenient way to keep you data online, but what about security and privacy?
    Nowadays, web applications have a major drawback: you have to trust the web application provider that your data is guarded secure and safe from the prying eyes.

  • The philosophy

    We think that only the user should be the one responsible for own data.
    Moreover, we think that only the user should be able to read, change or delete own data.
    We think that no one, not even the web application provider should be able to read users' data.

  • The solution: zero knowledge web applications

    In rough lines, the zkBox's highlights are:
    Authentication to the storage without revealing anything about the user's password (zero-knowledge password proof)
    Encrypt and sign all the data before being sending it out to the online storage
    The data is stored in the online storage in its encrypted form (Host-proof online storage)
    Data is retrieved from the storage and decrypted on the client machine (the encryption key is never sent from the client)
    By implementing the above mechanisms we're ensuring that it's impossible for someone else to gain access to your data in its original form.

  • Under the hood

    zkBox comes as an API built on top of a persistent storage solution which provides authentication an authorization. AWS (Amazon Web Services) is used as storage backend (on own installation, SQL Server can also be used).
    Security algorithms used:
    Authentication: SRP 6a (zero-knowledge password proof protocol)
    Symmetric encryption: AES-256
    Digest: SHA-512
    Random generator: TRNG (with PRNG fallback)


    For a detailed description of the security solutions implemented in zkBox please visit the security page.

  • Application scenarios build on top of zkBox

    personal secure online backup
    online medical records
    bank transactions backup
    personal finances





    For a list of existing solution build on top of zkBox please visit the applications section.

  • Get started

    Are you ready to learn more about zkBox and how it can help you to secure your next application?
    If so, please visit the developers section.