Client-side encryption poll

We were discussing adding encryption to Dynalist the other day, and had some questions we’d like answered.

To reiterate, here’s what we mean by the terms:

  • Encryption: you set a key, and your content will be encrypted with this key and turn into gibberish nobody can understand. This gibberish is then sent to our server and saved. You have to remember the key yourself. If you forget it, your content stays gibberish forever. Please understand this before considering opting in for encryption.
  • Password protected: an easy way to protect your content. Not very secure, but useful for not having your family members or colleagues see your content by accident. Will not prevent a technical person from accessing your data because the content sits unencrypted in memory/hard disk. This should be enough to deter a curious kid or your colleague while you get coffee or lunch.

With the above information, what’s your preference on encryption/passwords?

  • I’d like to encrypt each document individually
  • I’d like to encrypt all my Dynalist content with the same key
  • I’d like a simple password protection mechanism
  • I don’t really need encryption, I just need it so that my company would approve it; offline mode1 would work just as well

0 voters

1: offline mode: True Offline Mode or Encrypted Data

2 Likes

Will Option 2 (encrypts all docs universally) affect documents being shared? Making them unviewable?

2 Likes

Looking at other apps with encryption, when only individual documents are encrypted they are also hidden from search. (This includes metadata like tags.) Having a single encryption key for everything means that when you are in, everything is searchable and works normally. You don’t have to be worried that there are “hidden” search results. On the other hand, it means that every time you want to work you need to unlock the app, which is annoying if not implemented very well. Having only individual documents encrypted means that you can work on your other documents without being slowed down by having to decrypt everything every time you load the app.

As an academic researcher, I need to keep some of my data encrypted in order to protect the privacy of my informants in the cloud. Currently I use DayOne which implements this very well. This is partially because it is an Apple-only app so it can use TouchID on my phone and laptop to quickly unlock everything without having to enter a passphrase by hand every time I launch the app. When I voted for “encrypt everything” I was thinking of this user experience, but on further reflection I worry that a cross-platform browser based app like Dynalist will be able to approach this level of speed and ease-of-use while maintaining site-wide encryption. If that is the case, then I would change my vote to encryption at the level of individual documents. In short, it really depends on the implementation. Site-wide is better, but not if it comes at too high a cost in terms of speed and easy of use.

1 Like

It’s a tricky question and I think the answer is no. Since you don’t want to share the encryption key, the collaborator won’t be able to read the data. Dynalist doesn’t know what the raw data looks like either.

Or we can allow different keys for encrypting different documents, and as a result you can use a work key to share with your colleagues (they have access to the key as well), and a different key for encrypting personal documents.

I personally would prefer to have per-document client-side encryption, but any encryption on top of what DigitalOcean is providing is a significant improvement. So I single encryption key would probably still meet my needs.

This is still mostly a work requirement right now, but that doesn’t mean I don’t want my files to always be available. I work on several laptops, a work desk, and from my home system. It’s not going to be a feasible solution to keep everything synced if it’s not client-side encryption.

The simple password protection mechanism is just not an improvement.

1 Like

I’m also worried about the load that encryption might make on both the server and the individual who has to maintain it. I hope that this would be optional so that those who don’t need it won’t be encumbered by it. I’m comfortable with the Evernote model of password protecting particular sections of cards.

Encryption will be optional for sure, if that’s what you mean.

I like the idea. Do you call that the public and private keys?

Public and private keys have a technical meaning that isn’t in view here, so no.

The description is just each document has a key. You can share any key, to whom you choose, if you choose.

In addition to this, I would want the document owner to be able to specify who is allowed in.

2 Likes

What Alan said was 100% correct. If you want to keep a document private, keep the key private. If you want to share an encrypted document, also share the key so that they can read and edit it.

Public key isn’t in view here because it’s not needed in our scenario. We can get into the technical details if anyone’s interested.

The problem with a single key is it would kill facility to collaborate. It would be nice to have the ability to choose to either:

  • encrypt a folder, AND/OR
  • encrypt a document.

THEN you can choose to either encrypt a single thing OR a group of things. So if you need to share a key it doesn’t become burdensome as docs and people relations may expand.

I’m new here, I am already having associates ask me about Dynalist’s encryption.
Just my two-Sense (Twohawks ;^)

2 Likes

Yeah, collaboration is something people need to trade off for if they want to encrypt everything with the same key, unfortunately.

Maybe encrypting folders is a good solution that would satisfy both needs : Fast and easy encryption of many documents while still being able to collaborate.

2 Likes

Great to see this being considered. A lack of proper end-to-end encryption is the one thing keeping me from going premium on Dynalist or Workflowy - I need some reassurance that compromised servers won’t also compromise my data!

2 Likes

I see the problems of encrypting all content with a single key, so I voted for encrypting each document individually.

However, it would still be nice to encrypt everything with a single key during export (both manual and automatic). This would reduce the number of possible breaches from three or more (Dynalist server, Google or Dropbox server and every single computer or medium containing a manual backup copy) to just one (Dynalist server). And it wouldn’t induce the problems of end-to-end encryption.

(I know that there is a feature request regarding encrypted automatic daily backup, but I think that the above might be beneficial to your poll.)

I feel the “just one” breach point (i.e. Dynalist server) is what people are most concerned about, therefore we’re only asking about end-to-end encryption vs simple password protection here.

For me, a backup needs to be useable outside of Dynalist. How does that happen if it’s encrypted. Is there a way if I know the key to decrypt it apart from DynaList?

Thanks for your answer – so do I.

It’s hard to explain why I wrote this. Maybe like this: I’m a developer myself, and it has always helped me when someone pointed out (seemingly) related things. :slightly_smiling_face:

The export key could simply be stored in Dynalist’s settings. But I did not want to hi-jack this topic and think that further discussion of this topic should happen in *Encrypted* automatic daily backup. Thanks!

I asked the same question there with no answer. I also disagree that this is an independent question. The purpose of backup is an independent copy of my data. Encryption secures my data from reading. Backing up my data unencrypted foils the security. Backing up my daa encrypted also must be decryptable by me or the backup feature becomes pointless. I assume these matters impact the poll.