Your Thoughts Are Safe: How Life Note Protects Your Privacy with AES-GCM Encryption

Daniel W. Chen -

At Life Note, I know your journal is more than just words—it's your sanctuary for reflection, growth, and creativity. That’s why I take your privacy seriously, building every layer of our platform to ensure your thoughts are protected. At the core of this commitment lies AES-GCM encryption, a state-of-the-art security standard that ensures your data remains private and secure.

What Is AES-GCM?

AES-GCM (Advanced Encryption Standard with Galois/Counter Mode) is one of the most trusted encryption algorithms today, used by governments, tech giants, and security professionals worldwide. Here’s why it’s exceptional:

  1. World-Class Encryption: AES encrypts data using keys of 128, 192, or 256 bits, making it virtually immune to brute force attacks. Even the most powerful supercomputers would take billions of years to break.
  2. Built-In Data Integrity: GCM (Galois/Counter Mode) enhances AES by adding authentication, which ensures that encrypted data hasn’t been tampered with. If someone tries to alter your encrypted journal, GCM will detect it and block access.
  3. Blazing Fast Performance: AES-GCM is optimized for modern devices. Whether you're journaling on your laptop or mobile phone, encryption and decryption happen instantly without slowing you down.
  4. Widely Trusted: AES-GCM is the encryption backbone of secure systems like HTTPS, VPNs, and messaging platforms like WhatsApp and Signal. If it's good enough for these applications, it's good enough for safeguarding your private thoughts.

How Life Note Uses AES-GCM to Protect Your Journals

Here’s how your privacy is protected every step of the way:

  1. End-to-End Encryption:
    • Your journal entries are encrypted locally in your browser using AES-GCM before being sent to our servers.
    • Your journal entries are only decrypted when AI conducts analysis and are not read by humans, also, no third parties can collect and retain your data.
  2. Tamper-Proof Security:
    • Each encryption process uses a unique initialization vector (IV) to ensure every piece of data is uniquely encrypted. If anyone tries to manipulate your data, the decryption will fail.
  3. Secure Storage:
    • Once encrypted, your journal is stored on our servers in its encrypted form. Without your encryption key, the data is unreadable.
  4. Authentication and HTTPS:
    • All communication between your device and our servers is protected with HTTPS, ensuring your encrypted data is never exposed during transmission.

What’s Next for Life Note’s Security?

Security isn’t a one-time milestone—it’s an evolving process. While AES-GCM provides strong foundational protection, we’re committed to continuously enhancing Life Note’s security to stay ahead of emerging threats. Here’s what’s on our roadmap:

1. Key Management with AWS KMS

We plan to integrate AWS Key Management Service (KMS) to take our encryption key management to the next level. With AWS KMS, encryption keys will be securely stored and managed in a cloud environment backed by hardware security modules (HSMs). This solution offers:

  • Automatic Key Rotation: Ensuring your encryption keys are always up-to-date.
  • Fine-Grained Access Control: Restricting key access to authorized operations only.
  • Enhanced Reliability: Hardware-backed security ensures robust protection against physical and digital threats.
  • Compliance: AWS KMS helps with compliance requirements like GDPR or HIPAA.

2. Two-Factor Authentication (2FA)

To fortify account security on your future mobile device, Two-Factor Authentication (2FA) will also be introduced. This will require an additional step to verify your identity during login, such as:

  • A code sent to your mobile device.
  • An authenticator app like Google Authenticator or Authy.
    By implementing 2FA, we’ll add an extra layer of protection, ensuring your account remains secure even if your password is compromised.

Your Thoughts, Secured for the Future

Your journal is deeply personal, and Life Note is committed to keeping it that way. With AES-GCM encryption as our foundation and a clear roadmap for future security upgrades, we ensure your reflections remain as private tomorrow as they are today.

Start journaling with confidence, knowing your thoughts are secure, encrypted, and entirely yours. 💜