Category: encryption

Secure messaging in the browser

By observing news and public discussions I feel that there is a growing awareness of data privacy and an increasing demand for secure person-to-person communication. In order to address my communication needs, I plugged together a few Javascript libraries and started the Webencryption [1] project on Github. What is Webencryption? Webencryption is a rather crude … Continue reading Secure messaging in the browser

RSA is partially cryptographically homomorphic

Homomorphic cryptography [1], should it ever become available as a product, will have an intriguing property: computers will be able to operate on encrypted data without either having to- or being able to decrypt it. Competitive or regulatory pressure leads many organisations to distrust public (or private) clouds with their data and algorithms, so they … Continue reading RSA is partially cryptographically homomorphic

Stateless user sessions with encrypted session IDs

When trying to design for stateless services one finds it easy to reduce the information stored in an http session but for one piece: whether the client has authenticated against the server or not. Usually you would implement a proccess for authenticating like this:Client submits credentials (login / password) to the serverServer checks the credentialsServer … Continue reading Stateless user sessions with encrypted session IDs