Secure Javascript encryption library?

By : Heinzi
Source: Stackoverflow.com
Question!

I'm searching a javascript library that offers secure encryption. The client has to generate a key and all data uploaded to the server is encrypted, all data downloaded is decrypted. I need an authenticated encryption scheme, just CTR or CBC isn't enough.

I heard about sjcl, but it seems that sjcl only can encrypt the whole data at once. I didn't find a way to encrypt the data blockwise. Because the uploaded files can be very large, this approach isn't feasible. I need something like the java crypto interface with two methods update() and final().

I found the nodeJS crypto library that seems to do what I need, but I don't know how to use it on browser side.

I found google crypto-js, but this library doesn't seem to offer authenticated encryption but only the standard modes.

Is there a way to encrypt data blockwise with sjcl? To use the nodeJS crypto library on browser side? To use authenticated encryption with crypto-js? Or is there another secure javascript library that offers what I need?

By : Heinzi


Answers

Is there any reason why you need to push to an untrusted server from your client?

If the server that is delivering your website is trusted, then you should be able to post your data back to the trusted server, have the trusted server encrypt, and then the trusted server can send the data to the untrusted server for storage.

By : Mike


This video can help you solving your question :)
By: admin