EncryptedNote LogoEncryptedNote
|
Get Started

Security at EncryptedNote

End-to-End Encryption

EncryptedNote uses XChaCha20-Poly1305, a state-of-the-art encryption algorithm, to secure your private notes. All encryption and decryption happens directly in your browser, which means your content is never transmitted or stored in an unencrypted form.

How it works:

  • Your note is encrypted in your browser before being sent to our servers
  • The encryption key never leaves your device
  • Even we cannot read your notes without the decryption key

Zero-Knowledge Security

We employ a zero-knowledge approach, meaning we have no ability to access the contents of your notes. The decryption key is only shared via the URL you provide to your recipient, and we never store this key on our servers.

Self-Destructing Notes

Once a note is read, it's permanently deleted from our servers. You can also set custom expiration times to ensure your sensitive information doesn't remain accessible longer than necessary.

No Accounts Required

We don't require user registration or accounts. This means there are no passwords to hack and no personal information stored that could be compromised.

Technical Details

Encryption Algorithm:

XChaCha20-Poly1305 (IETF variant)

A state-of-the-art authenticated encryption algorithm that offers superior security compared to traditional encryption methods. It combines the XChaCha20 stream cipher with the Poly1305 message authentication code.

Key Generation:

Cryptographically secure random number generator (CSPRNG)

We use the browser's built-in CSPRNG to generate truly random encryption keys that are impossible to predict.

Key Length:

256-bit encryption keys

Our 256-bit keys provide a security level that is considered unbreakable with current and foreseeable technology.

Transport Security:

TLS 1.3 for all data in transit

All communication between your browser and our servers is protected with the latest TLS 1.3 protocol.

Nonce Handling:

Unique 192-bit nonce for each encryption operation

XChaCha20-Poly1305 uses a 192-bit nonce, which virtually eliminates the risk of nonce reuse.

Security Comparison

XChaCha20-Poly1305 is considered more secure than many older encryption algorithms:

  • More resistant to timing attacks than AES-GCM
  • Larger nonce space (192 bits) compared to ChaCha20-Poly1305 (96 bits)
  • Designed to be secure against quantum computing attacks
  • Provides both confidentiality and integrity protection