Highlights on Java Script Encryption Technique
Posted By : Palak Sharma | 28-May-2018
Javascript Web Encryption Technique is one of the ways how to show encrypted data in the form of JSON data structures. It provides the data structure to encrypt a plain text. The structure consists of mainly three things. Before going into detail, firstly we must have a knowledge of what is Plain Text and what is Cipher Text?
So, Plaintext is bytes to be encrypted and CipherText is the encrypted version of the plain text. Content Encryption Key is the symmetric key generated to encrypt the plaintext for the user to produce the Ciphertext, which is encrypted to the user as the JWE Encrypted Key.
1) JWE Header:- This represents JSON object that describes the encryption operations which are applied to create JWE Ciphertext, which is return to the user as an encrypted text.
2) JWE Encrypted Key:- It is encrypted with a key and the output is recorded as the byte array, which is called as the Javascript Web Encryption.
3) JWE CipherText:- A byte array containing the ciphertext.
JWE represents encrypted content using data JSON structures and base64. The three parts which JWE contains are base64url-encoded and are enclosed in order separated by period ( . ) character.
{"alg":"RSA1_5",
"enc":"A256GCM",
"iv":"__79_Pv6-fg",
"x5t":"7noOPq-hJ1_hCnvWh6IeYI2w9Q0"}
In above example is:-
a) The Content Encryption Key is encrypted using RSA-PKCS1_1.5 algorithm to produce Encrypted Key.
b) The Plaintext is encrypted using the AES-256-GCM algorithm.
c) The specified 64-bit initialization Vector with the base64.
With all the conversion it will lead to some alphanumeric code key
eyJhbGciOiJSU0ExXzUiLA0KICJlbmMiOiJBMjU2R0NNIiwNCiAiaXYiOiJfXzc5
X1B2Ni1mZyIsDQogIng1dCI6Ijdub09QcS1oSjFfaENudldoNkllWUkydzlRMCJ9
With this Content Encryption Key, we will convert a plain text to cipher text and using the recepient's key to encrypt the CEK (Content Encryption Key) to produce the JWE (Javascript Web Encryption).
To conclude, we can use this technique to encrypt our crucial data being expose over the network.
Cookies are important to the proper functioning of a site. To improve your experience, we use cookies to remember log-in details and provide secure log-in, collect statistics to optimize site functionality, and deliver content tailored to your interests. Click Agree and Proceed to accept cookies and go directly to the site or click on View Cookie Settings to see detailed descriptions of the types of cookies and choose whether to accept certain cookies while on the site.
About Author
Palak Sharma
Palak is enthusiastic and passionate about coding , Her areas of expertise in coding languages are JavaScript and angular , html and css .