W3C home > Mailing lists > Public > public-web-security@w3.org > June 2011

Re: Smart Card support. Re: Request for feedback: DOMCrypt API proposal

From: Nico Williams <nico@cryptonector.com>
Date: Thu, 9 Jun 2011 16:23:52 -0500
Message-ID: <BANLkTi=PECHBk5zfANTmZhqrBm-d73PcMA@mail.gmail.com>
To: David Dahl <ddahl@mozilla.com>
Cc: public-web-security@w3.org, Jarred Nicholls <jarred@sencha.com>
On Thu, Jun 9, 2011 at 4:17 PM, David Dahl <ddahl@mozilla.com> wrote:
>> Alright, you've found a use for JS crypto for which I can get
>> on-board. Although key management is a problem (e.g., if derived from
>> a password then an attacker could mount offline dictionary attacks
>> after acquiring a copy of the ciphertext).
>>
>> (Or did you mean on the client-side?)
>>
> The client does all crypto operations and the server is only given cipher text to store - and, yes, key management is still a problem, which I know is a huge problem that will have a solution at some point. I think starting small and focused is a good way to get things rolling. This API is useful enough as is, and a key management and exchange API will be designed to complement this.

You've sold me on one clever use for JS crypto APIs.  Given that I can
ignore my concern regarding false sense of security in other uses.
I'm still concerned that developers will not use crypto correctly
(consider the CBC padding oracle vulnerabilities we've seen in the
past), so I'd rather we offer AEAD APIs than, or at least in addition
to, say, raw AES APIs.

Nico
--
Received on Thursday, 9 June 2011 21:24:25 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:26:19 UTC