- AES-256, symmetric encryption;
- Fortuna, a strong pseudo-random number generator;
- SRP, a verifier-based authentication protocol;
- SHA-2, hash function.
Browser cryptography is an critical component for building zero-knowledge web applications, better known as host-proof apps, but you can also use it to improve the security of specific portion of your code. As an example, you could consider replacing your present user authentication process with SRP.
Get the code
Basically we need to make the library more flexible and more powerful. Most functions need parameters for selecting the key length, the encoding options, …
Public-key cryptography is an area that definitely needs to be covered. The code already includes a first attempt to use elliptic curve cryptography (ECC), but it is still very slow and incomplete. We would love to improve it and develop all the components of a robust public-key cryptographic system based on elliptic curves. It’s an ambitious and complex plan. Any volunteer to help?