Home » Blogs » Marco's blog

When we say "zero-knowledge" we mean it!

A true zero-knowledge web application knows nothing about its users and their data. We have been fascinated by this simple idea since 2005 when we started this blog. Since then it became our obsession.

We focused exclusively on exploiting Ajax and browser-based cryptography to build applications that users can wholeheartedly adopt to manage their private data. We started with a password manager, but we have more ambitious plans.

The whole point of writing a zero-knowledge application is to avoid the need for a trust relationship between the web application provider and the users.

It requires a strict discipline. It’s easy to fall for a new fancy feature that leaks some kind of information to the server destroying the whole zero-knowledge architecture. Clipperz won’t do compromises, won’t take shortcuts.

What Clipperz does know about its users

Every time a user loads the Clipperz login page, the following information are logged by Clipperz web server:

  • IP address (and therefore the geographic area)
  • request date and time
  • browser type and operating system

All of the information above can be linked to a specific account, once the user successfully logs in. Furthermore, for each account, Clipperz web application could save the following data:

  • date and time of account creation;
  • dates and times of every single access to Clipperz;
  • the number of cards;
  • for each card: dates and times of creation, modifications and access;
  • an estimate of the amount of information stored in each card, inferred from the length of the encrypted text (the estimate doesn’t include any details about the number of fields in that card or the presence of a direct login configuration);
  • date and times of every downloads of the offline copy.

Actually we are not storing all the data listed above, but this doesn’t make any difference since we could!

fingerprint

Bookmark/Search this post with:
Submitted by Marco on 17 August, 2007 - 11:08. tags:
»

But how much is 'zero', in a zero-knowledge application?

Submitted by Giulio Cesare on 22 August, 2007 - 01:58.

What we do know

No matter what we do, as we are running a web-based application, so there are some data that will be sent to our servers anyhow; we are receiving the same kind of information you would provide any web server when accessing its static content with your cookie enabled:

Other than this standard data, we also have access to other data for each user account:

  • number of cards created;
  • size of each card;
  • usage statistics on each card: when it was created, used and updated.

So we are not talking about “zero kelvin”; it is more like “zero fahrenheit”.

But this is all we got. Nothing else is stored intelligibly on our servers.

What we do NOT know

Let me please list some of the notable voices missing in the lists above:

  • email: we don’t ask any information to get back to you;
  • username nor password: we don’t know which credentials you have choosen to register to our service. It may sound very odd, but we can return your data even if don’t know your username. And whenever you change your password, your identifier on the database is changed too;
  • content: we don’t know anything about your cards, but their size. The title, the number of fields, the presence of a direct login configuration; nothing.

Direct logins

Direct login is a very nifty feature of our service, and we are quite proud of it, because we have being able to implement it without leaking any further information other than the one listed above:

  • we don’t know how many direct logins you have configured;
  • we don’t know for which sites you have a direct login configured;
  • we don’t know when you use your direct logins.

Other services are trying to imitate our direct login feature, but no one has being able to achieve our level of privacy and convenience.

»

Post new comment

The content of this field is kept private and will not be shown publicly.
Captcha
This question is used to make sure you are a human visitor and to prevent spam submissions.
Copy the characters (respecting upper/lower case) from the image.