As this is a serverless implementation, unless you can find some way of authenticating to client machine then you're stuck. There is no client-only way round it without the key or a password, and as you have no management server, you have no off-box backup of the key.
Unfortunately, to have a way round it at this point is to invalidate the point of encryption :(