Private notes: encrypted XML notes synchronization and sharing with untrusted web services

Abstract

Personal notes, even when shared with others, often contain highly sensitive information. From a security and privacy point of view, currently available (web) services that upload such personal notes to potentially untrusted third party servers are therefore problematic and we suggest to encrypt all notes before transferring them from the user's personal device. However, synchronization and sharing of encrypted data is a non-trivial issue, because conflict resolution and merging algorithms need to be applied to plain-text content. With <i>Private Notes</i>, we propose an architecture for client-side encryption, merge, and conflict handling of personal notes stored in XML format. We adopt the OpenPGP standard for symmetric and asymmetric encryption and Web-DAV for synchronizing and sharing notes on arbitrary web servers. Specific implementations in the form of a plug-in for the Tomboy desktop note taking application and the Android and iOS mobile platforms demonstrate the ease of use of encrypted notes sharing.

DOI: 10.1145/2095536.2095579

Extracted Key Phrases

3 Figures and Tables

Cite this paper

@inproceedings{Klingelhuber2011PrivateNE, title={Private notes: encrypted XML notes synchronization and sharing with untrusted web services}, author={Paul Klingelhuber and Ren{\'e} Mayrhofer}, booktitle={iiWAS}, year={2011} }