Private Notes: Encrypted XML Notes Synchronization and Sharingwith Untrusted Web Services


Personal notes, even when shared with others, often contain highlysensitive information. From a security and privacy point of view,currently available (web) services that upload such personal notesto potentially untrusted third party servers are therefore problematicand we suggest to encrypt all notes before transferring them fromthe user’s personal device. However, synchronization and sharingof encrypted data is a non-trivial issue, because conflict resolutionand merging algorithms need to be applied to plain-text content.With emphPrivate Notes, we propose an architecture for client-sideencryption, merge, and conflict handling of personal notes storedin XML format. We adopt the OpenPGP standard for symmetric and asymmetricencryption and WebDAV for synchronizing and sharing notes on arbitraryweb servers. Specific implementations in the form of a plug-in forthe Tomboy desktop note taking application and the Android and iOSmobile platforms demonstrate the ease of use of encrypted notes sharing.

Proc. iiWAS2011: 13th International Conference on Information Integrationand Web-based Applications & Services