Client-side encryption poll

We were discussing adding encryption to Dynalist the other day, and had some questions we’d like answered.

To reiterate, here’s what we mean by the terms:

  • Encryption: you set a key, and your content will be encrypted with this key and turn into gibberish nobody can understand. This gibberish is then sent to our server and saved. You have to remember the key yourself. If you forget it, your content stays gibberish forever. Please understand this before considering opting in for encryption.
  • Password protected: an easy way to protect your content. Not very secure, but useful for not having your family members or colleagues see your content by accident. Will not prevent a technical person from accessing your data because the content sits unencrypted in memory/hard disk. This should be enough to deter a curious kid or your colleague while you get coffee or lunch.

With the above information, what’s your preference on encryption/passwords?

  • I’d like to encrypt each document individually
  • I’d like to encrypt all my Dynalist content with the same key
  • I’d like a simple password protection mechanism
  • I don’t really need encryption, I just need it so that my company would approve it; offline mode1 would work just as well

0 voters

1: offline mode: True Offline Mode or Encrypted Data

1 Like

Will Option 2 (encrypts all docs universally) affect documents being shared? Making them unviewable?

2 Likes

Looking at other apps with encryption, when only individual documents are encrypted they are also hidden from search. (This includes metadata like tags.) Having a single encryption key for everything means that when you are in, everything is searchable and works normally. You don’t have to be worried that there are “hidden” search results. On the other hand, it means that every time you want to work you need to unlock the app, which is annoying if not implemented very well. Having only individual documents encrypted means that you can work on your other documents without being slowed down by having to decrypt everything every time you load the app.

As an academic researcher, I need to keep some of my data encrypted in order to protect the privacy of my informants in the cloud. Currently I use DayOne which implements this very well. This is partially because it is an Apple-only app so it can use TouchID on my phone and laptop to quickly unlock everything without having to enter a passphrase by hand every time I launch the app. When I voted for “encrypt everything” I was thinking of this user experience, but on further reflection I worry that a cross-platform browser based app like Dynalist will be able to approach this level of speed and ease-of-use while maintaining site-wide encryption. If that is the case, then I would change my vote to encryption at the level of individual documents. In short, it really depends on the implementation. Site-wide is better, but not if it comes at too high a cost in terms of speed and easy of use.

1 Like

It’s a tricky question and I think the answer is no. Since you don’t want to share the encryption key, the collaborator won’t be able to read the data. Dynalist doesn’t know what the raw data looks like either.

Or we can allow different keys for encrypting different documents, and as a result you can use a work key to share with your colleagues (they have access to the key as well), and a different key for encrypting personal documents.

I personally would prefer to have per-document client-side encryption, but any encryption on top of what DigitalOcean is providing is a significant improvement. So I single encryption key would probably still meet my needs.

This is still mostly a work requirement right now, but that doesn’t mean I don’t want my files to always be available. I work on several laptops, a work desk, and from my home system. It’s not going to be a feasible solution to keep everything synced if it’s not client-side encryption.

The simple password protection mechanism is just not an improvement.

1 Like

I’m also worried about the load that encryption might make on both the server and the individual who has to maintain it. I hope that this would be optional so that those who don’t need it won’t be encumbered by it. I’m comfortable with the Evernote model of password protecting particular sections of cards.

Encryption will be optional for sure, if that’s what you mean.

I like the idea. Do you call that the public and private keys?

Public and private keys have a technical meaning that isn’t in view here, so no.

The description is just each document has a key. You can share any key, to whom you choose, if you choose.

In addition to this, I would want the document owner to be able to specify who is allowed in.

2 Likes

What Alan said was 100% correct. If you want to keep a document private, keep the key private. If you want to share an encrypted document, also share the key so that they can read and edit it.

Public key isn’t in view here because it’s not needed in our scenario. We can get into the technical details if anyone’s interested.