Private Notes: Encrypted XML Notes Synchronization and Sharing with Untrusted Web Services

TitlePrivate Notes: Encrypted XML Notes Synchronization and Sharing with Untrusted Web Services
Publication TypeConference Paper
Year of Publication2011
AuthorsKlingelhuber, P., & Mayrhofer R.
Conference NameProc. {iiWAS2011}: 13th International Conference on Information Integration and Web-based Applications & Services
Date PublishedDecember
PublisherACM Press
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-0784-0
Abstract

Personal notes, even when shared with others, often contain highly sensitive information. From a security and privacy point of view, currently available (web) services that upload such personal notes to potentially untrusted third party servers are therefore problematic and we suggest to encrypt all notes before transferring them from the user's personal device. However, synchronization and sharing of encrypted data is a non-trivial issue, because conflict resolution and merging algorithms need to be applied to plain-text content. With \emph{Private Notes}, we propose an architecture for client-side encryption, merge, and conflict handling of personal notes stored in XML format. We adopt the OpenPGP standard for symmetric and asymmetric encryption and WebDAV for synchronizing and sharing notes on arbitrary web servers. Specific implementations in the form of a plug-in for the Tomboy desktop note taking application and the Android and iOS mobile platforms demonstrate the ease of use of encrypted notes sharing.