I went full server side encryption with https://truefriender.com I relied on SSL for the client to server communication. However the user holds a key that is not stored on the server, so without that key the text on the server is unreadable, if you try entering an incorrect PIN you can see what I mean.

I've submitted to HN but didn't make the front page, check it out if you're interested in this stuff.