Zero-knowledge encryption

Make your documents inaccessible for everyone except you and your team.

Zero-knowledge encryption | Tresorit

In the last couple of years, data breaches have reached an unprecedented magnitude and scale. We often hear that the cause of a breach is associated with hacking, malicious insider or social engineering. In reality these are not the actual causes, but the side effects of inadequate file storage and encryption. Service providers who only rely on in transit and at rest encryption are making files and passwords vulnerable to potential data breaches due to server-side decrypting processes. The most common scenario of vendor side data breaches is stealing the password database.

Tresorit is the only cloud collaboration tool which provides client side zero-knowledge encryption across all platforms, even from web browsers. This protocol ensures that no keys, passwords, files or any sensitive material ever get transferred in an unencrypted or reversible form. There is no point in time when encryption keys or unencrypted files are visible to the servers or Tresorit administrators. No one other than you and the people who you are explicitly sharing files and folders with have access to the encryption keys. Tresorit leaves no room for error when it comes to file security.

When to use?

  • No trust in the cloud

    Most cloud service providers sacrifice security for some additional usability features like integrations or real-time co-editing. In order to provide those services, they decrypt your documents on the servers and read them. In contrast, zero-knowledge solutions like Tresorit know nothing about the data and it’s virtually impossible for anyone to access them apart from you. Tresorit provides a unique approach by refusing to compromise in security while delivering outstanding usability.

  • Store mission critical files

    With Tresorit, every file gets encrypted automatically before being uploaded to the cloud. Thanks to the zero-knowledge encryption, only you have access to the encryption keys, not even the Tresorit administrators can access your files. This means, files stored in the cloud can only be read, by you. Even in a case of a data breach, only encrypted data would leak, which is still unreadable.

  • Share confidential files externally

    Tresorit encrypts everything on the sender’s device before being delivered to the cloud and decrypts files only on the recipient’s device. Thanks to zero-knowledge encryption, only you and your recipients have the encryption keys, preventing anyone else from reading the files - even Tresorit.

  • Secure collaboration

    Create encrypted data vaults called tresors, where you can work on documents with authorized collaborators from inside or outside your organization. Files are protected with zero-knowledge encryption that can be decrypted only by you and your approved collaborators.

“We wanted to have our own secure cloud environment and be independent of Microsoft because Microsoft doesn’t give me the feeling of a secure working environment”

Juergen Gassert, DTG’s managing director

Read their story

How does Zero-knowledge encryption work?

How Zero-knowledge encryption work


Zero-knowledge protocols ensure that keys, passwords, files and sensitive materials are never transferred in an unencrypted or readable form. There is no point in time when passwords, encryption keys or unencrypted files are visible to unauthorized users or Tresorit servers.

Ready to start working securely?

Unlike Dropbox, Tresorit uses built-in end-to-end encryption. Read more

Discover how Tresorit protects confidential files