Notebook
An app you can trust your secrets with.
Try it out: https://securenotebook.pythonanywhere.com/
This app uses AES-128 GCM to prevent anyone but you from accessing your notes.
How does work?
Register
- Generates a 16-bytes (128-bits) AES key
- Derives a master key from your password
- Encrypts AES key using master key
- Hashes your password
- Saves hashed password to database
- Saves encrypted AES key to database
Login
- Derives a master key from your password
- Saves master key into your browser’s session
Encrypt data
- Gets your master key from your session
- Uses your master key to decrypt your AES key
- Uses your decrypted AES key to encrypt your data
Decrypt data
- Gets your master key from your session
- Uses your master key to decrypt your AES key
- Uses your decrypted AES key to decrypt your data
Notice:
Your master key is only derivable from your plain-text password
Your plain-text is only available when you are logging in
Your master key is never saved into a database
Your decrypted AES key is never saved
Warning:
If you lost your password, then your notes will be lost as well
Usage
Installation
$ > pip install -r requirements.txt
Start
$ > python notebook.py
Navigate to the following URL within your browser
http://localhost:5000