End-To-End Encryption Policy

A Brief Description of E2EE

With Consol’s limited End-to-End Encryption (E2EE) service, data is encrypted on the system (or device) of the starting point, then it is transferred to Consol’s cloud storage and stored in its encrypted state. When you choose to retrieve the data, it is downloaded in its encrypted state and then decrypted on the system (or device) of the end point (which could be the same device as the starting point). E2EE prevents any third party between the two end points from being able to snoop, scrape, or read your data. Your Encryption-specific-password (ESP) is the key that both locks (encrypts) and unlocks (decrypts) the data before and after transit.

Consol’s E2EE Policy

To access Consol’s limited E2EE service, you must subscribe to an additional component (for an additional monthly fee), which is not included in Consol’s basic service. Limited E2EE does not cover or apply to all content types or data that you may upload to Consol or that you may write into the Consol database through your Account. Your use of Consol E2EE is subject to risks attendant to the following features and limitations:

Features and Limitations of Consol’s E2EE

  • Consol uses the PBKDF2 standard to strengthen and secure your Encryption-Specific-Password (ESP) beyond its naturally insecure state of just a few short words or characters (12 character minimum)
  • This strengthened password is used in the AES-GCM (256-bit) algorithm to encrypt a randomly generated data key the first time Consol Encryption is activated. Content can optionally be encrypted or decrypted on the fly using this encryption key. Only you have access to the key.
  • Your unencrypted ESP is never transmitted to Consol or elsewhere.
  • If encryption is enabled on a Consol item, the item’s data must be decrypted, locally in the browser, in order for you to read and edit the data. This data is never transmitted to Consol or elsewhere while in this decrypted state. Consol’s auto-saving feature automatically encrypts the data before transmit.
  • For all items where encryption is not enabled, their data will be transferred in a decrypted state over SSL to Consol’s cloud storage.
  • Your encrypted data is only accessible with the original ESP (which we do not know or store) and it is only requested by the browser once per session for your convenience.
  • At this time, Consol supports encryption only of certain content types, viz. notes, code blocks, and images, for users who have subscribed to the E2EE component. The other content types available in Consol are not yet encryptable.
  • Notably, Consol E2EE does not yet support encryption of the titles of any content types. For example, if you create a Consol note and encrypt it, the text you add to the note’s body will be encrypted but its title will not be encrypted. For now, you should operate accordingly. We plan to improve this in the future.
  • You acknowledge that if you encrypt an item after you create and add content to it, there may be a period of time in which your item’s body content is not encrypted while being stored in our database. This is only possible because we offer the ability to encrypt items individually, which requires an ESP entry per session. This security requirement is not always convenient when reading and writing non-sensitive data. To avoid this scenario where sensitive data can be momentarily stored in plain text in our database and ensure the greatest security we offer, we recommend toggling on the encryption lock button next to the “Create” button.

    When toggled on, the button will appear green and all notes, code blocks, and images that are created will be encrypted in your browser before being uploaded and stored on our servers. If an item is already created in an unecrypted state, you may also, where possible, toggle on the crypto button in the item’s pageview before you begin adding content to it.
  • Once you encrypt an item that was previously unencrypted, Consol immediately overwrites the original unencrypted version in our database and discards the old data. Consol does not actively or intentionally store a previous copy of an unencrypted item. Consol, however, does engage in regular backups of data and to the extent that your data is ever unencrypted while housed in Consol’s database, you acknowledge and consent to the risk that an intermittent backup may store your data while it is unencrypted, even if you are subscribed to E2EE, and even if you have designated your data for cryptographic protection, particularly if you designate an item for encryption after you add content to it.

The Future of Consol’s E2EE

As the WebCrypto API evolves we are committed to continuing support for it and implementing the strongest security it can provide. We are also committed to bringing E2EE to all components and communications within Consol.