There are many note-taking applications, but this is useful if you want to encrypt some of your text.
For example, it can be used for password management.
For an example of password management with Notion, please see the following blog.
How to manage passwords using Notion. Passwords are stored in encrypted form.View Details
Encryption and decryption are performed by the user's browser, and no data is sent to the server.
Encrypted data is included in the parameters of the decryption URL.
What type of encryption does Evernote use?View Details
This service uses "PBKDF2" to generate an AES key from the passphrase entered by the user.
A random salt is passed through the HMAC/SHA-256 hash function 100,000 times. (The number of iterations can be specified.)
It is encrypted by AES using the AES key and initial vector.
|Number of iterations||100,000 times or more||50,000 times|
|Encryption||AES - 256bit||AES - 128bit|
Basically, keep the decryption URL in a place that only you can access.
If the URL is not known to others, it cannot be decrypted illegally.
Even if the decryption URL is known to others, it cannot be decrypted without knowing the passphrase.
This service discloses a manual decryption method. (Of course, a passphrase is required.)
This is to avoid the possibility that this service may become unavailable and decryption may not be possible.
On the other hand, you may be concerned about unauthorized decryption.
Even if the passphrase is not easy to guess, consider whether it can be breached by brute force.
If you input 8-digit passphrase consisting of letters (upper and lower case) + numbers + 32 symbols, there are
6,095,689,385,410,816 patterns (94 characters to the 8th power).
On my PC (Core i5 11th generation), with a default iteration count of 100,000, each encryption took roughly 800ms.
Assuming 2 attempts/sec for simplicity, only 172,800 attempts can be made per day.
Even if one were to attempt a total hit at this rate, it would take about 100 million years.
Since the above is the case even with 8 digits, further increase in the number of digits will result in a
Furthermore, increasing the number of iterations takes more time per decoding and more time per total.
In addition to the brute force of the passphrase, the attacker must also brute force the number of iterations.
At this point, I think we can be quite assured.
After reading this far, the possibility of unauthorized decryption is as close to zero as possible, but what if
it is deciphered?
The text to be encrypted should not be a set of site name, ID, and password.
For example, only "passwords" should be used in a single encryption.
Even if the password is illegally decrypted and "only" the password is known, the attacker will not know which site it is for or what the ID is.
In the unlikely event that this service becomes unavailable, you can still manually decrypt the file from the
Source code for decryption is available on GitHub.
Data encrypted with TXT-Crypter can be manually decrypted.View Details
Download decrypt.html and open it in your browser.
Enter the decryption URL in the URL, passphrase, number of iterations, and click the "decryption" button.
Once the correct information is entered, the decrypted text will be displayed.