Stanford JavaScript Crypto Library

I found a link to SJCL on Hacker News.  This project looks impressive, offering SHA256 for digesting and AES for encryption with a handful of bit lengths.  It boasts any number of other impressive features.

SJCL is secure. It uses the industry-standard AES algorithm at 128, 192 or 256 bits; the SHA256 hash function; the HMAC authentication code; the PBKDF2 password strengthener; and the CCM and OCB authenticated-encryption modes. Just as importantly, the default parameters are sensible: SJCL strengthens your passwords by a factor of 1000 and salts them to protect against rainbow tables, and it authenticates every message it sends to prevent it from being modified. We believe that SJCL provides the best security which is practically available in Javascript. (Unforunately, this is not as great as in desktop applications because it is not feasible to completely protect against code injection, malicious servers and side-channel attacks.)

It is also tiny, at 6.4KB minified, and promises significant performance.  The project page promises some benchmarks to back up the latter claim.  The library is written by Emily Stark, Mike Hamburg and Dan Boneh at Stanford University.

With increasing support for ever more sophisticated client-side APIs like IndexedDB I think using SJCL makes a great deal of sense.  I can easily see dropping it into an application that intends to store sensitive data on the client side.  The library should be cross browser compatible though it is early days and that still requires more testing.  It is also open source, released under either the BSD license or the GPL v2 or later.  No reason not to grab it and give it a whirl.

There is a promise of asymmetric public key support at some point in the future.  I wonder if that means it would be possible to use it in a bookmarklet to bring GPG-like functionality directly into web mail clients?

Leave a Reply

Your email address will not be published. Required fields are marked *