Zero Knowledge Architecture, is it possible?

How to protect users privacy?

Let's talk about a Digital Health Notebook
Is it that good?

Share the data:
What, Who, How?

The Data is sensitive

Where is the data stored?

Where does the data go?

We build complex stacks

Take the power back

  • Choose which data to share
  • Give permissions to access it
  • Set expiry date

ZKA is a development pattern which provides a way to give access to users data for third-party apps, with the guarantee that untrusted services can’t access those plain data without any permission.

Designing a Zero-Knowledge app

piece of information produced by the user
user’s application
third-party app that need to access the data
Cryptographic asymmetric keys (RSA / EC)
Client/Service Virtual ID card
Distributes the data/identities

Core Concepts

  • Zero Knowledge Proof Authentication
  • End to End Encryption
  • Encrypted data only
  • Non-naive approach

Meld them!

The Crypto Part

  1. Password
  2. Intermediate Certificate, signed with the app CER available on the server
  3. Two pairs : authentication (signature), data (encryption)
  4. Public Keys and Private Keys Hashes are uploaded to the server
  5. Private Keys are stored in the Client with the Intermediate Certificate

Zero Knowledge Proof Auth

The Cave

Registering a Service

  • One Intermediate Certificate per Service
  • Two Keys-pairs per Service
  • The signature keys-pair is used for auth

Zero Knowledge Proof

  1. Service: Ask the Server for a new Client token
  2. Server: Pass the Token to the Service and the Client
  3. Service: Sign the Token and send it to the Client
  4. Client: Both check the signature and the Token

Security Concerns

  • No password exchanges
  • Keys can be revoked using the Intermediate Certificates

End 2 End Encryption


  • Client side only
  • Using the recipient Service Public Key
  • With a unique symmetric Key wrapping


  • Service side
  • With the Service Private Key

Security Concerns

  • Each symmetric key is unique per
  • The symmetric key is a datetime token

Non-naive approach

Document: a Tree Structure

Security Concerns

  • Never share all the doc
  • Smallest amount of Data possible
  • Forbidden resources stay safe

Frameworks, Tools, Use-cases

It's not that easy



Standard File

Mobile / Desktop

  • Binaries
  • Store the Keys in the Filesystem
  • Controlled environment
  • Protected against malware

Web Browser/PWA

Even YP!


  • Prevent requests from unknows
  • Prevent unauthorized access
  • → Sandbox network exchanges


  • Forbid unwanted document write
  • Explicitely allow resources
  • Prevent XSS injection / Data leak
  • → Protect application integrity


  • Verify assets checksum
  • Prevent MITM attack
  • → Guarantees external resources integrity


  • Prevent the leak of internal URIs
  • Sandbox app URLs
  • → Protect from malicious tracking

Keys Storage

  • WebCrypto to manage Keys
  • File-API to store Keys
  • Export encrypted contents

How to protect the Encryption Layer ?


  • Prevent the data access on-the-fly
  • Make Extracting/Sniffing data significantly harder

Minimize the Mayhem

  • Data leak → Encrypted
  • Priviledge escalation → Encrypted
  • ID theft → ZKP (Encryption)
  • → Limit the attack bias

Thanks @vixentael for the recap

7 questions on ZKA

1/ Migrating from an existing codebase

2/ Applying ZKA to the Big Data

3/ Losing The Keys

4/ Storing metadata on the server

5/ Server security failure

6/ Exporting the keys

7/ Recovery



  • Recovery Certificate
  • Recovery Keys-pair
  • TOTP Token
  • Random Recovery Password

Recovery Server

  • Client Private Key account
  • Recovery material


Recovery Server

  • Identify the user’s Private Key
  • Serves the payload
  • Delete the material

(new) Client

  • Extracts the payload
  • Restores the contents

Who we gonna trust ?

  • Constructors?
  • Operating Systems?
  • Apps Editors?
  • Users?

We need reviews

Open source, public reviews, public authorities, independent reports…


  • Allowed on the Web
  • It’s just a pattern
  • Complex, w/ a Cost
  • Trust issue
m4dz's avatar

Paranoïd Web Dino · Tech Evangelist

alwaysdata logo


Thank You!

Available under licence CC BY-SA 4.0


m4dz, CC BY-SA 4.0

Interleaf images

Courtesy of Unsplash and Pexels contributors


  • Layout icons are from Entypo+
  • Content icons are from FontAwesome


  • Cover Title: Sinzano
  • Titles: Argentoratum
  • Body: Mohave
  • Code: Fira Code


Powered by Reveal.js

Source code available at