Skip to content Skip to sidebar Skip to footer
Home / Authentication / Encryption / Encryption Asymmetric / Javascript

Javascript Asymmetric Encryption And Authentication

Post a Comment
Some of the guys here are developing an application which incorporates some 'secure areas' accessible by logging in. In the past, the login form and subsequent 'secure' pages were

Solution 1:

Don't do this. Please use SSL/TLS. See Javascript Cryptography Considered Harmful.

Solution 2:

If you can provide a single SSL site to deliver your JavaScript securely (to avoid the attack mentioned above), then you can use the opensource Forge library to provide cross-domain TLS connections to your other sites after generating self-signed certificates for them. The Forge library also provides other basic crypto stuff if you opt to go in a different direction. Forge has an XMLHttpRequest wrapper that is nearly all JavaScript, with a small piece that leverages Flash's socket API to enable cross-domain communication.

http://digitalbazaar.com/2010/07/20/javascript-tls-1/

https://github.com/digitalbazaar/forge

You may like these posts

Post a Comment for "Javascript Asymmetric Encryption And Authentication"