undefined | Better HN

0 pointsfouadmatin7y ago0 comments

SubtleCrypto is a new browser-adopted spec for performing crypto operations natively. For example, instead of using Math.random() for random number generation, you can use https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getR... in combination with the SubtleCrypto functions to work with keys securely

Your points around a compromised JS bundle are still possible but that has more to do with a company’s deployment/change management setup than JS itself imo

0 comments

skrebbel7y ago

> Your points around a compromised JS bundle are still possible but that has more to do with a company’s deployment/change management setup than JS itself imo

But that's the only point I intend to address here. If Pascal had been the language of the web then my question would have been about Pascal.

Therefore I don't see how SubtleCrypto changes matters much.

In short, if I get it right, the argument would be that in eg a mobile app, all the e2e logic (the core crypto plus the code around it) go through peer-review, then some release management process, then some review by Apple or Google, before it lands in my hands via their app stores' well secured delivery mechanism. In a web app, a single compromised server will compromise all security instantly. Generally I'm fine with trusting Mozilla's servers, but if I have to trust their servers then what's the point of end to end encryption?

anon42427y ago

> In a web app, a single compromised server will compromise all security instantly.

This is only true if the server has access to the keys of your data. E2EE typically means that it doesn't, only you do.

dchest7y ago

In a browser, the server serving the JS has an opportunity to access the keys.

2 more replies

skrebbel7y ago

And how does that work with Firefox Send? Isn't the key somehow in the payload or the URL?

1 more reply

gnachman7y ago

If it works, it prevents mass surveillance and makes insider attacks much more difficult.

thinkloop7y ago

Didn't realize it had full support by every browser, even ie: https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getR...

shezi7y ago

The problem with that table is that this only lists the entry methods, which are supported in all browsers. However, the actual work is hidden behind parameters, not all of which are supported by all browsers, and some have to be in weird combinations. One example is that Edge does not support PBKDF2 in any form, which makes many of their further support a bit weird to use.

Here's a site where you can test your browser's compatibility with many combinations: https://diafygi.github.io/webcrypto-examples/

fzzzy7y ago

I think it uses a cryptofill shim for browsers that don't support all of the crypto api

kbenson7y ago

The SubtleCrypto portion of the API is slightly less supported in that it appears to have spotty/non-compliant IE and Edge coverage.[1]

1: https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypt...

j / k navigate · click thread line to collapse

0 comments

skrebbel7y ago

> Your points around a compromised JS bundle are still possible but that has more to do with a company’s deployment/change management setup than JS itself imo

But that's the only point I intend to address here. If Pascal had been the language of the web then my question would have been about Pascal.

Therefore I don't see how SubtleCrypto changes matters much.

anon42427y ago

> In a web app, a single compromised server will compromise all security instantly.

This is only true if the server has access to the keys of your data. E2EE typically means that it doesn't, only you do.

dchest7y ago

In a browser, the server serving the JS has an opportunity to access the keys.

2 more replies

skrebbel7y ago

And how does that work with Firefox Send? Isn't the key somehow in the payload or the URL?

1 more reply

gnachman7y ago

If it works, it prevents mass surveillance and makes insider attacks much more difficult.

thinkloop7y ago

Didn't realize it had full support by every browser, even ie: https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getR...

shezi7y ago

Here's a site where you can test your browser's compatibility with many combinations: https://diafygi.github.io/webcrypto-examples/

fzzzy7y ago

I think it uses a cryptofill shim for browsers that don't support all of the crypto api

kbenson7y ago

The SubtleCrypto portion of the API is slightly less supported in that it appears to have spotty/non-compliant IE and Edge coverage.[1]

1: https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypt...

j / k navigate · click thread line to collapse