|
|
|
|
|
|
by tga_d
4513 days ago
|
|
|
Not true, there are plenty of key-derivation schemes. Basic idea for how one may work (not necessarily the one they will use, I'm still reading the wiki pages): data is encrypted locally with a hash of the user's passphrase, then that hash is hashed again and sent to the server as a login credential. The server never sees the original passphrase, nor the encryption key, nor the contents of the material uploaded. |
|
|