I am working on a secure note-taking web application. My goal is to make it the most secure note-taking web app available (I don't see a ton of competition, so I think this is attainable).

Here is where I'm at thus far: examancer.com/exanotes/ (can't post the link since I'm newly registered here)

I have developed this without aid, so some of the assumptions I have made regarding security may not be accurate or realistic. I was hoping some of the smart people here at SitePoint can read through the following security concepts I am relying on and tell me if they feel as confident in them as I do.

I wanted very strong anonymity. To achieve this I hash and salt both the username and password before storing them in the database. A "user" on the site is not defined by a unique username... instead it is defined as a unique username/password combination (thus more than one user named "joe" can exist if they have different passwords). Plain-text usernames and passwords are never stored anywhere, but they are kept in-memory during the session. I use standard php sessions.

Most importantly I wanted strong encryption, and I wanted it to work in such a way that even someone with direct access to the database and code base would not be able to read the notes stored by site users.

To encrypt notes I take the plain-text password available in the session, I salt it (using a different salt then the one used for salting usernames and passwords for the 'user' table), hash it, and then use it as the encryption key to encrypt and decrypt notes to and from the database (using MySQL's built-in 256-bit AES_ENCRYPT() & AES_DECRYPT() functions). Once the user session is destroyed the password is no longer available so this encryption key cannot be generated. The encryption/decryption process does add latency compared to normal SQL, especially when doing full text searching, but the performance is still very speedy with a sane number of users.

To implement the "remember me" feature for users who wish to stay logged in for an arbitrary length of time (currently 90 days) I once again use the plain-text username and password stored in the session, encrypt them using PHP's mycrypt and the RIJNDAEL_256 cipher, and then store them (as hex values) in a cookie on the user's machine. The key for this is site-wide and stored in a constant. Upon re-visiting the site the username and password in the cookie are decrypted, and the plain-text username/password is used to log the user in automatically.

I know there are some potential issues on the user end since they will be transmitting a plain-text username and password to the site through my login form. I am hoping this issue is mitigated by users who choose to access via SSL (which is available).

I also recognize that having the plain-text username and password floating around, even if only in a temporary session variable, might be a potential weak point.

Lastly, I can see that using a single site-wide key for encrypting/decrypting the username and password for "remember me" cookies is another possible weak point. However, this would probably require that an attacker have access to both the server and the client machine to exploit this.

I am looking for any commentary anyone might care to offer regarding the security for this site. I would welcome any criticism and would welcome it even more if accompanied by suggestions.

Once the tool is more polished and the security more rigid I plan to release it as an open source project, both to further "vett" the code and because of the resources required to operate the service for a large number of users (my shared hosting account probably wouldn't scale very far). I figured it would be simpler to let the paranoid people who want this kind of security run it on their own server if they wish.

If anyone would like a look at the code, or, even better, would like to help with the project, please let me know.

Thank you,
-Carl