I have some encryption understanding however I fail to get my head around following scenarios. I would like to know if they are possible with a zero knowledge encryption system.
What the system can or can’t do can be added to the answer. Example:
- The system needs to keep a encrypted copy of the key.
- The user has to have the key on a USB stick.
In the end, all scenarios ask the same questions.
- Can the user access his data?
- Does the system know about his data?
Scenario 1: User logs in on a new computer. Does not have the key with him.
Scenario 2: User logs in on a new computer. Does have the key with him (e.g. USB stick).
Scenario 3: User lost his password. His identity has been verified and approved.
Scenario 4: New sub-users are assigned to the same resource.