Evernote - security concern

[natv 9]

As an Evernote user who does sometimes store sensitive information in Evernote (by encrypting specific text), I would like a response from Evernote regarding this.

 

A high profile investor in the cryptocurrency space was recently hacked ($2M USD worth).

He mentioned that he did store his private keys in Evernote - but - that this information was encrypted.  

Based on his story, he claims that somehow someone with access to his email account was somehow able to reset his Evernote password (based on my understanding) and somehow gain access to his encrypted notes too:

" I thought I was safe storing my private keys on Evernote because I encrypted them but clearly that didn’t help. I did have 2FA on my Gmail with the authenticator app but that didn’t help because my recovery email address was my college email and there is no 2FA on that. Once the hackers had access to my Gmail, they basically had access to everything"
http://ianbalina.com/ian-balina-hacked-2-million-ama-live-stream-w-notes-april-24th-2018/

 

What I'm not clear on - is even if someone resets your Evernote password and accesses your notes, this shouldn't give them access to any encrypted information, because that is encrypted separately and as far as I know, even Evernote should not have the ability to even know your encryption password.

 

Am I correct, or does Evernote's systems store your encrypted password somehow?

I think this is important for everyone to know.

 

If the above person's story is inaccurate then it would be good for Evernote to confirm this, as otherwise, Evernote security looks quite bad here if something like this could really happen.

 

 

[DTLow 5,736]

50 minutes ago, natv said:

What I'm not clear on - is even if someone resets your Evernote password and accesses your notes, this shouldn't give them access to any encrypted information, because that is encrypted separately and as far as I know, even Evernote should not have the ability to even know your encryption password.

Am I correct, or does Evernote's systems store your encrypted password somehow?

I think this is important for everyone to know.

While waiting for Evernote to respond, my understanding is

1. Passwords are not stored unencrypted
2. Access to an email password does not give access to your Evernote password (assuming they're different)
3. Access to your account password does not give access to your encrypted text password (assuming they're different)

There is a risk when the same password is used everywhere.

[jefito 5,589]

From Evernote docs on encryption (https://help.evernote.com/hc/en-us/articles/208314128-What-type-of-encryption-does-Evernote-use-). I italicized the part where they talk about the encryption passphrase.

I don't believe that being able to get into an Evernote account gets you access to encrypted content in the notes; you need to also know the passphrase. It's possible, I suppose (and I found a web site that claims this), that encrypted content is stored unencrypted in your local database (I use the WIndows client), but I'd need to dig to be able to verify it. The same website also claims that the encrypted is stored internally as unencrypted so that it can be searched for, but that doesn't seem to hold true, so I'd take the former with a grain of salt If you export a note with encrypted content to Evernote format (.ENEX), the encrypted part is indeed exported as encrypted.

 

Quote

Encrypted text supported

If you are using an Evernote desktop client, such as Windows Desktop and Evernote for Mac, you can encrypt any text inside a note to add an extra level of protection to private information. In February 2014, Evernote made a conscious effort to improve the security of in-note encryption and began using AES (Advanced Encryption Standard) with a 128 bit key.  Prior to that time, Evernote used RC2 encryption with a 64 bit key, derived from a passphrase you chose.

Evernote derives your AES key from the passphrase you enter and does this using a well recognized method called PBKDF2 (Password Based Key Derivation Function 2). Your passphrase, along with a unique salt, runs through a HMAC/SHA-256 hashing function 50,000 times. The result is a 128 bit AES key. This key, along with an initialization vector, is used to encrypt your data in CBC (Cipher Block Chaining) mode.

Evernote never receives a copy of this key or your passphrase and doesn’t use any escrow mechanism to recover your encrypted data. This means that if you forget your passphrase, your data cannot be recovered.

 

[natv 9]

Yeah we definitely need Evernote to address whether or not encrypted data is stored locally too. That's for posting that.

[DTLow 5,736]

7 minutes ago, natv said:

Yeah we definitely need Evernote to address whether or not encrypted data is stored locally too.

I'm on a Mac and can view the raw storage for data.  

Encrypted data is stored in encrypted form.  I have to use the Evernote app to decrypt, and the password is required.

[CalS 5,280]

1 hour ago, DTLow said:

I'm on a Mac and can view the raw storage for data.  

Encrypted data is stored in encrypted form.  I have to use the Evernote app to decrypt, and the password is required.

On Windows, if you enter an encryption password different than one you have used you get the message below..  That implies to me that the encryption password is stored somewhere outside the note (may be stored within the encrypted part of the note as well for all I know). 

It would be good to know if EN is storing encryption passwords inside some EN encryption zone.  If not, then yeah, someone with enough time and knowledge could id your encryption passwords would be my guess.

[DTLow 5,736]

3 hours ago, CalS said:

That implies to me that the encryption password is stored somewhere outside the note

Yes, there must be storage for the comparison; also for the hint.

I'm trusting an encryption of the password is stored or some hash/checksum; I'm still searching for a reference to this.
The comparison should be stored-encrypted-password to entered-encrypted-password

[alexpc 0]

I use Evernote since the beginning. Recently I was aware Evernote redesigned the iOs apps but not a single improvement in security or encryption. I'm tired waiting and being in compromise because Evernote thinks we need better looking apps with poor security. For example, apple iCloud doesn't end to end encrypt backups on iOs, so all my offline notes are ready to read for anyone who could get access to this backups. I stopped backing to iCloud and now I'll stop using Evernote. I'm an unsatisfied premium user who will exit for good. I'm looking for alternatives to migrate my 7000 notes to. End to end encryption, "not your keys not your data" is a must for me. So goodbye, I waited too much and risked too much now waiting in vain. 

[Rob van Vliet 43]

There is a caveat that I have pointed out a couple of times here. Although the encryption key is not stored anywhere, and the mechanism seems to be sound, Evernote keeps a history of your notes. In most cases you will type or paste a secret text first, and then encrypt it. In between those actions the note has synced, and the unencrypted version is in your history.

To circumvent this, first type a random text, encrypt it, and then replace the text with the real secret.

[DTLow 5,736]

1 hour ago, Rob van Vliet said:

In most cases you will type or paste a secret text first, and then encrypt it. In between those actions the note has synced, and the unencrypted version is in your history.

I recommend encrypting data in a Local notebook, or external to Evernote

[PinkElephant 8,077]

There are ways to encrypt data in a cloud storage. There are 2 issues you have to decide for yourself: Practicability and trust.

• Practicability means a method needs to be practical to use, not too complicated or requiring a machine-like discipline.
• Trust means even if you encrypt the data you send to cloud storage, if somebody wants to decrypt them, they can use nearly infinite computing resources and have all the time on this. An encryption to withstand this needs pretty long keys, longer than rainbow tables will run, and of course an encryption software free of backdoors. There is one more unknown: Today’s encryption methods based on large prime numbers and their products are known to have a weakness that can be exploited by future (or today’s ?) quantum computers. What may be safe today could be crackable in the future without an effort.

EN can’t offer to encrypt the data in a way that is not know to EN, because many server side services like OCR or search depend on reading the information. Reading does not mean that humans have to see the data, but machine learning needs to be applied. This does not mean that the data is not encrypted or protected, but it means that EN holds a set of keys.

The user can encrypt data before it reaches EN, but again is it practical to do this by encrypting one text after the other ? Again and again ? And even if the key is long enough, if you don’t trust you have to question whether the encryption algorithm does have a backdoor. Nobody can know, it is not open source.

My conclusion: If data is critically sensitive or private, I would not use any cloud service to store it for me. I think most of us only have little information that falls into that category, which leaves enough room to use cloud services for day-to-day storage and retrieval. Let us not take ourselves as being too important. If the usual measures (good, unique password + 2FA) are taken to safeguard ones EN account, the content is well protected and not accessible for outsiders with bad intentions.