Physics, mathematics, and technology

2022 Issue №1

Back to the list Download the article

Securing JavaScript applications with Web Cryptography API



With an increasing number of web applications, the need of ordinary users to have more secure web applications has increased and web developers are attempting to match those ex­pec­tations. This article is devoted to consideration of the basic concepts of the Web Cryp­to­gra­phy API since it defines cryptographic primitives to be deployed across browsers and JavaScript web applications. The purpose of the article is the theoretical justification for the application of Web Crypto API within native JavaScript environments in order to secure web applications. The article deals with the key definitions within the Web Crypto API; des­cribes design and generic interfaces for using cryptographic algorithms; indicates possible li­mi­tations of the Web Crypto API; reviews its compatibility and implementations for Node.js cryp­tomodule, for instance, a WebCrypto prototype for Node.js has been developed. The re­sults of study provide concrete evidence that web applications that use Web Crypto API beco­me more secure as it enforces usage patterns of keys that correlate to known best practices in cryp­tography. The findings suggest that more emphasis should be placed on providing inte­ro­perability between the Web Cryptography API and the existing Node.js crypto module.