Encrypted Notes on iOS — What AES-256 Actually Protects

Quick answer: Encrypted notes on iOS are note-app entries whose contents are scrambled with a cryptographic key so that even the app developer cannot read them. Secure Notes uses AES-256 — the same symmetric cipher specified in NIST FIPS 197 and used by US government agencies for TOP SECRET material.

How does AES-256 encryption work in a notes app?

When you type a note, the app generates a 256-bit symmetric key from your password. The note contents are encrypted with that key before they ever touch disk or iCloud. Without the password (or a backup recovery seed), the encrypted bytes are mathematically unreadable. End-to-end encryption extends this guarantee to sync: the encrypted blob travels to iCloud and stays encrypted until it lands back on a trusted device.

What threats does encryption actually block?

• Lost or stolen iPhone: even if the attacker bypasses the lock screen, your notes are encrypted at rest.
• iCloud account compromise: an attacker with your Apple ID sees only ciphertext, not note content.
• Developer access: the publisher cannot hand your notes to a third party because the keys never leave your device.
• Data breach at rest: backups of the encrypted database are useless without the password.

What encryption does NOT protect against?

Encryption is not magic. A weak password still gets brute-forced. Screenshots of unlocked notes are plain text. Malware running with user-level access can read whatever you have open on screen. A strong passphrase and Face ID lock on the device are the foundations that encryption builds on.

Ready to put this into practice? Start with the password setup guide or set up a secure folder for the notes that matter most.