Download
Download [Encrypted notepad here]!
Encrypted notes
Encrypted Notes is a very simple-to-use application providing state-of-the-art, industrial-strength encryption to users who want nothing more than to store sensitive information in text documents. Users can be completely at ease with the security provided by Encrypted Notes because it follows best practices in dealing with encryption algorithms and does not try to do anything that is not standard procedure. This is important because "being too clever" is one of the most common reasons for security failures in the application of cryptography.
Documents encrypted with Encrypted Notes can never be recovered if the password is lost. Data encryption is done using AES-128 in CBC mode, with SHA-1 for purposes of computing hash digests.
However, note that Encrypted Notes cannot protect users against weak passwords and physical security failures. For more complete safety, the operating system's swap should also be encrypted. Users with more demanding security requirements (including public key cryptography) should look at GPG.
Encrypted Notes is written in Java. Its document format is open.
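As an added illustration (not Encrypted Notes' own code and not its document format), the Java example below combines the primitives named above, AES-128 in CBC mode and SHA-1, in one common password-based arrangement. The PBKDF2 key derivation, the iteration count, the HMAC tag, the class name and the sample passwords are assumptions made for this example.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;

public class PasswordNoteDemo {
    static final int ITERATIONS = 200_000; // assumed work factor; makes every password guess slower

    // Derive 256 bits from the password: bytes 0-15 are the AES-128 key, bytes 16-31 the MAC key.
    static byte[] derive(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, 256);
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(spec).getEncoded();
    }

    // AES-128-CBC with PKCS#5 padding; mode is Cipher.ENCRYPT_MODE or Cipher.DECRYPT_MODE.
    static byte[] process(int mode, byte[] keys, byte[] iv, byte[] data) throws Exception {
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(mode, new SecretKeySpec(keys, 0, 16, "AES"), new IvParameterSpec(iv));
        return c.doFinal(data);
    }

    // HMAC-SHA1 over salt, IV and ciphertext, so a wrong password or a modified file is detected.
    static byte[] tag(byte[] keys, byte[]... parts) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA1");
        mac.init(new SecretKeySpec(keys, 16, 16, "HmacSHA1"));
        for (byte[] p : parts) mac.update(p);
        return mac.doFinal();
    }

    public static void main(String[] args) throws Exception {
        SecureRandom rng = new SecureRandom();
        byte[] salt = new byte[16], iv = new byte[16];
        rng.nextBytes(salt);   // fresh salt per document
        rng.nextBytes(iv);     // fresh, unpredictable IV per encryption
        byte[] note = "constructed sample note".getBytes(StandardCharsets.UTF_8);

        byte[] keys = derive("correct horse battery staple".toCharArray(), salt);
        byte[] ct = process(Cipher.ENCRYPT_MODE, keys, iv, note);
        byte[] mac = tag(keys, salt, iv, ct); // stored next to salt, IV and ciphertext

        // A wrong password derives different keys; the tag comparison rejects it before decryption.
        byte[] wrong = derive("Password1".toCharArray(), salt);
        System.out.println("wrong password accepted: " + MessageDigest.isEqual(mac, tag(wrong, salt, iv, ct)));

        // The right password verifies the tag first and only then decrypts.
        boolean ok = MessageDigest.isEqual(mac, tag(keys, salt, iv, ct));
        byte[] pt = ok ? process(Cipher.DECRYPT_MODE, keys, iv, ct) : new byte[0];
        System.out.println("round trip ok: " + Arrays.equals(note, pt));
    }
}
```

Nothing in this arrangement can recover the note without the password, and its strength against guessing depends entirely on the password chosen and the cost of each derivation.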
Please report any bugs or problems you find!
Frequently asked questions
1. How safe is it? What if someone breaks AES?
In case AES gets "broken" (which requires us to define "broken" but let's say it's in the Hollywood-movie-blockbuster type of "broken") you should probably have relatively little concern for your data. Your much bigger and more immediate concern should be whether your bank will still be open tomorrow and whether your government will still function when you wake up, along with all the "little things" like whether there will be electricity and tap water, whether the grocery shops will still work, whether the hacked nuclear missile will miss your town, etc., because they all depend, if only at the point of interaction with the financial companies and the government, on AES-based security. What I'm saying is: there's a lot at stake here and there is extremely high confidence that AES cannot even begin to be seriously attacked in the described way in the next few decades. Remember that DES, the old IBM standard, was completely safe for 30 years and even now it is only "broken" for limited circumstances which still require large resources. AES is at least 2^64 times more secure than DES (this is a large number).
2. Why only AES-128? Why not use AES-256?
For the same reason there is no second place at the International Championship for Swimming Unassisted Across the Pacific Ocean. Since there is complete confidence that AES-128 cannot be broken in any meaningful way, there is little point in using a variation of the algorithm that is supposed to be 2^128 times harder to break than the unbreakable algorithm. In the impossible case that AES in general proves to be a failure, both the 128-bit and 256-bit variations will fail similarly.
3. What are some of the ways a sufficiently powerful adversary could decrypt the saved documents?
The only way to decrypt saved documents is to somehow get a hold of the original password, within the probability of 1/2^128 (in other words, there are no other practical ways short of breaking AES).
There are, however, some very easy ways to obtain the original password from the original person who encrypted the documents in the first place:
- Asking him for it, which includes: a) pretending to be someone else and asking him for the password, b) getting a court order or a police warrant to coerce the password from the user under the possibility of being prosecuted under law and c) using torture or similar approaches on the user until he gives up the password.
- Eavesdropping for the password, which includes: a) searching the user's desk or house for traces of written-down passwords, b) monitoring known communications, including e-mail, phone, SMS, IM / chat, Facebook and other channels where the user could communicate the password to another person and c) installing electronic listening / eavesdropping devices ("bugs") or software in places such as the user's keyboard, computer chassis, cell phone, mouse, etc. to pick up electrical signals from the hardware (i.e. the keyboard) as the password is being entered or processed.
- Guessing the password. This is often an underestimated approach - people are usually not clever enough to think of an unguessable password that is also easy to remember without giving it some serious thought.
In conclusion: someone who is really really motivated to obtain the documents will not even have to start breaking AES since there are much easier ways.
Dealing with these ways of obtaining the password from people can make you seriously paranoid. Some of the recommendations on improving security involve things like entering the password only ever on a single laptop computer which is carried around at all times and never let out of sight (to prevent someone "bugging" it - but it is ridiculous to think the computer will not ever be stolen) or locking it into an unbreakable safe when the computer is not in use (but then - where do you keep the safe's password?).
Because of these reasons, it is recommended that the users simply relax and try to live happier, longer lives without paranoia.
On the other hand, if the user can guarantee that options 1..3 described in the above list will never happen, the documents will be unconditionally and completely safe (within the guarantees of the mathematics of cryptography).