Nick Van den Bleeken
why
- easy and secure authentication
- sign/verify messages & docs
- encrypt docs
existing crypto frameworks (Dojo, CryptoJS, etc.)
- completely implemented in JavaScript
- hard to protect against timing attacks (optimizations in JS engine change)
- Math.random() is not secure
- hard to get correct
- performance issues (e.g. number is 64bit float)
alternatives:
- java plugins
- disabled in many browsers (recommendation US DHS)
- not on mobile
- native extensions
- separate install
- browser specific (some browsers drop support for extension!)
- not on mobile
solution: Web Cryptography API
- W3C standard: http://www.w3.org/TR/WebCryptoAPI/ (under construction...)
- JS API for web developers
- still requires TLS to prevent sniffing communication
- still relatively complex (requires correct usage of encryption algorithms)
low level API
- Basic building block: window.crypto.subtle
- .generateKey(algorithmKeyGen ...)
- callback when key is generated
- importKey: add existing keys (e.g. public key of bank)
- verify() signature
- decrypt() message
- sign() message
- ...
- .generateKey(algorithmKeyGen ...)
- use and combine it for more complex operation
high level API:
- what framework to choose NaCl, KeyCzar, SJCL or ...
- hard to define
- existing APIs should address this: JQuery, Dojo, Prototype etc.
- -> Not for now...
implemented by
- MS IE11 (old version of spec)
- chromium (flags)
- mozilla (under development)
- missing: Safari...
- polycrypt (old version of spec)
- Netflix: webcrypto key discovery
future need: smartcard support (but: not a focus for US-based companies...)
