Recently I added client-side encryption to Taigen, my note-taking app. In client-side encryption the client—your web browser—encrypts data before sending it to the server. In contrast, end-to-end encryption is used in messaging apps, where the message is encrypted by the sender and decrypted by the receiver.
Advantages of client-side encryption
- Search warrants are useless.
- Database hackers get nothing.
- Accidental data breaches reveal nothing.
When I looked into encryption I wasn’t thinking of nullifying police warrants; I was concerned about hackers or a data breach where the web host discards a hard drive but doesn’t erase it first.
Taigen: under the hood
Taigen stores your notes locally as plaintext in IndexedDB, a database built into your browser. Taigen synchronizes this database with the server database in the background whenever it detects a local note change.
Encryption key from your password
When you create an account or log in, an encryption key is derived from your password and stored in IndexedDB, per the recommendation of the World Wide Web Consortium, which developed the Web Cryptography API standard:
Encryption occurs during sync so the user doesn’t notice a slight delay caused by the crypto calls.
Local note export
Before, the client could download a zip file of your notes from the server. Now the client compiles a zip file of your plaintext notes from its IndexedDB. Client-side zipping is faster—the client doesn’t have to poll the server to see if the file is ready—but requires a third-party zip library.
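To show what that third-party library is doing for you, here is an added example (mine, not Taigen's) that builds a valid zip archive of plaintext notes in the browser with no library at all, using the "stored" method (no compression) so the whole format fits in a few dozen lines: CRC-32 per entry, a local header before each file, a central directory, and the end-of-central-directory record. The note list is constructed sample data standing in for what would be read from IndexedDB; a small reader that walks the central directory is included so the output can be checked. A real library adds Deflate compression and streaming, which is why the author reaches for one.

```javascript
// Added example (not Taigen's code): minimal store-only zip writer + reader.
// Assumes notes are short UTF-8 text files; names are flagged as UTF-8 (bit 11).

// Standard CRC-32 (reflected polynomial 0xEDB88320), as zip requires.
const CRC_TABLE = new Uint32Array(256).map((_, n) => {
  let c = n;
  for (let k = 0; k < 8; k++) c = c & 1 ? 0xEDB88320 ^ (c >>> 1) : c >>> 1;
  return c >>> 0;
});
function crc32(bytes) {
  let c = 0xFFFFFFFF;
  for (const b of bytes) c = CRC_TABLE[(c ^ b) & 0xFF] ^ (c >>> 8);
  return (c ^ 0xFFFFFFFF) >>> 0;
}

// Little-endian field encoders and a chunk concatenator.
const u16 = (n) => [n & 0xFF, (n >>> 8) & 0xFF];
const u32 = (n) => [n & 0xFF, (n >>> 8) & 0xFF, (n >>> 16) & 0xFF, (n >>> 24) & 0xFF];
function concat(chunks) {
  const out = new Uint8Array(chunks.reduce((t, c) => t + c.length, 0));
  let p = 0;
  for (const c of chunks) { out.set(c, p); p += c.length; }
  return out;
}

// entries: [{ name, text }] -> Uint8Array holding a complete zip file.
function buildZip(entries) {
  const enc = new TextEncoder();
  const body = [];      // local headers + file data, in order
  const central = [];   // central directory records
  let offset = 0;
  for (const e of entries) {
    const name = enc.encode(e.name);
    const data = enc.encode(e.text);
    // Fields shared by the local and central headers: version 2.0, UTF-8 flag,
    // method 0 (stored), time 0, DOS date 1980-01-01, crc, sizes, name/extra lengths.
    const common = [
      ...u16(20), ...u16(0x0800), ...u16(0), ...u16(0), ...u16(0x21),
      ...u32(crc32(data)), ...u32(data.length), ...u32(data.length),
      ...u16(name.length), ...u16(0),
    ];
    const local = concat([[0x50, 0x4B, 0x03, 0x04, ...common], name]);
    body.push(local, data);
    central.push(concat([
      [0x50, 0x4B, 0x01, 0x02, ...u16(20), ...common,
       ...u16(0), ...u16(0), ...u16(0), ...u32(0), ...u32(offset)],
      name,
    ]));
    offset += local.length + data.length;
  }
  const cd = concat(central);
  const eocd = [0x50, 0x4B, 0x05, 0x06, ...u16(0), ...u16(0),
    ...u16(entries.length), ...u16(entries.length), ...u32(cd.length), ...u32(offset), ...u16(0)];
  return concat([...body, cd, eocd]);
}

// Walk the central directory and list entries (name, size, crc) for verification.
function listZipEntries(zip) {
  const dv = new DataView(zip.buffer, zip.byteOffset, zip.byteLength);
  const eocd = zip.length - 22;   // no archive comment, so EOCD is the last 22 bytes
  if (dv.getUint32(eocd, true) !== 0x06054B50) throw new Error('no EOCD record');
  const count = dv.getUint16(eocd + 10, true);
  let p = dv.getUint32(eocd + 16, true);
  const out = [];
  for (let i = 0; i < count; i++) {
    if (dv.getUint32(p, true) !== 0x02014B50) throw new Error('bad central header');
    const nameLen = dv.getUint16(p + 28, true);
    const extraLen = dv.getUint16(p + 30, true);
    const commentLen = dv.getUint16(p + 32, true);
    out.push({
      name: new TextDecoder().decode(zip.subarray(p + 46, p + 46 + nameLen)),
      size: dv.getUint32(p + 24, true),
      crc: dv.getUint32(p + 16, true),
    });
    p += 46 + nameLen + extraLen + commentLen;
  }
  return out;
}

// Constructed sample notes standing in for rows read from IndexedDB.
const SAMPLE_NOTES = [
  { name: 'groceries.txt', text: 'milk\neggs\nbread\n' },
  { name: 'ideas.txt', text: 'Encrypt notes before sync.\n' },
];
const archive = buildZip(SAMPLE_NOTES);
console.log(archive.length, 'bytes;', listZipEntries(archive).map((e) => e.name));
```

In a browser the final `Uint8Array` would be wrapped in a `Blob` with type `application/zip` and handed to a download link; the archive is assembled entirely from local plaintext, so nothing unencrypted touches the server in the process.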
Local text file import
Don’t lose your password
Because your notes are encrypted with a derivation of your password, if you lose your password you lose your data—which is why you should back up your notes by exporting them weekly, a good idea when using any cloud-based service.
The Feds want your keys
Speaking of encryption, Congress recently tried to pass a key disclosure law requiring a back door in all public cryptography. Ignoring the foolishness of handing over the keys to your papers and effects because someone demands it—can the US government be trusted with the power to read every financial transaction and hospital record? Can we trust it not to lose the keys?
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
TSA master luggage key hack
The US Transportation Safety Administration (TSA) has a program where TSA-approved luggage locks can be opened with a master key allowing airport security to expedite baggage searches. When the Washington Post published a photo of a TSA master key, hackers studying documents published by Travel Sentry—the group handling TSA protocols—were able to create a TSA master key that could be printed on a 3D printer.
Edward Snowden was a computer consultant for the CIA. He was appalled by the widespread spying on US citizens so he copied and published scores of NSA documents on top-secret programs such as PRISM, which gives the NSA direct access to Americans’ Yahoo and Google accounts.
Snowden published so many government secrets that the government really doesn’t know the extent of the damage. If the government can’t secure its own data, how can it secure the keys to every financial transaction and medical record in the US?