Cryptography in JavaScript: A Practical Guide

Cryptography protects data by transforming it into a format only intended recipients can understand. It's essential for securing passwords, online transactions, and sensitive communications. Below, you'll learn about encryption, hashing, and using JavaScript to implement them.

What is Cryptography?

Cryptography transforms readable data (plaintext) into an unreadable format (ciphertext). Only authorized parties can reverse the process.

Key Concepts:

• Encryption: Converts plaintext into ciphertext.
• Decryption: Reverses ciphertext back to plaintext using a key.

Types of Encryption

1. Symmetric Encryption

Uses the same key for encryption and decryption. The key must be shared securely between sender and receiver. AES is a widely used type of symmetric encryption algorithm that secures data by converting it into an unreadable format. It relies on secret keys and supports 128, 192, or 256-bit key lengths, providing strong protection against unauthorized access. AES is essential for:

• Securing Internet Communication: Safeguarding online interactions like HTTPS.
• Protecting Sensitive Data: Ensuring confidentiality in storage and transmission.
• Encrypting Files: Keeping personal and professional information safe.

Key Elements of AES

Key elements of AES include the key and the Initialization Vector (IV). The key is a secret value shared between parties, determining how data is encrypted and decrypted, and it must always remain confidential. The IV is a random value used alongside the key to ensure that identical plaintext encrypts to different ciphertexts, adding randomness to prevent pattern recognition. While the IV can be public, it must never be reused with the same key. Together, these elements enable AES to effectively counter cyber threats, making it a cornerstone of data security.

Example: AES (Advanced Encryption Standard)

AES encrypts data using a shared key and an initialization vector (IV) for added randomness.

const crypto = require('crypto');

const algorithm = 'aes-256-cbc';
const key = crypto.randomBytes(32);
const iv = crypto.randomBytes(16);

function encrypt(text) {
  const cipher = crypto.createCipheriv(algorithm, key, iv);
  let encrypted = cipher.update(text, 'utf8', 'hex');
  encrypted += cipher.final('hex');
  return { encrypted, iv: iv.toString('hex'), key: key.toString('hex') };
}

function decrypt(encrypted, ivHex, keyHex) {
  const decipher = crypto.createDecipheriv(algorithm, Buffer.from(keyHex, 'hex'), Buffer.from(ivHex, 'hex'));
  let decrypted = decipher.update(encrypted, 'hex', 'utf8');
  decrypted += decipher.final('utf8');
  return decrypted;
}

// Usage
const message = "Secret Message";
const encryptedData = encrypt(message);
console.log("Encrypted:", encryptedData);

const decryptedMessage = decrypt(encryptedData.encrypted, encryptedData.iv, encryptedData.key);
console.log("Decrypted:", decryptedMessage);

2. Asymmetric Encryption

To create a secure encrypted system, asymmetric encryption is often the solution. It uses two keys: a public key for encryption and a private key for decryption. This setup enables secure communication without sharing a single key.

How It Works

1. Key Pair Generation
   
   A public-private key pair is generated. The public key is shared openly, while the private key stays confidential.

2. Encryption
   
   The recipient's public key encrypts the data. Only their private key can decrypt it, keeping the data safe even if intercepted.

3. Decryption
   
   The recipient decrypts the data using their private key.
   

const crypto = require('crypto');

// Generate keys
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

const data = "Confidential Data";

// Encrypt
const encrypted = crypto.publicEncrypt(publicKey, Buffer.from(data));
console.log("Encrypted:", encrypted.toString('base64'));

// Decrypt
const decrypted = crypto.privateDecrypt(privateKey, encrypted);
console.log("Decrypted:", decrypted.toString());

Hashing in Cryptography

Hashing converts data into a fixed-length, irreversible string (hash). It's commonly used for verifying data integrity and securely storing passwords.

Popular Hashing Algorithms:

• SHA-256: Secure and widely used.
• SHA-3: Newer with enhanced security.
• MD5 and SHA-1: Deprecated due to vulnerabilities.

Example of Hashing a String in Node.js

const crypto = require('crypto');
const hash = crypto.createHash('sha256').update('Hello, World!').digest('hex');
console.log(hash); // Example output: dffd6021bb2bd5b0af676290809ec3a53191dd81c7f70a4b28688a362182986f

Encryption vs. Hashing

Practical Example: Asymmetric Encryption in Projects

In my project Whisper, we used asymmetric encryption to secure anonymous chat messages. Messages are encrypted with the recipient's public key, ensuring only the recipient can decrypt them using their private key.

For client-side React implementation, we used crypto-js for encryption and decryption:

const encoder = new TextEncoder();
const encryptedMessage = await crypto.subtle.encrypt(
  { name: 'RSA-OAEP' },
  importedPublicKey,
  encoder.encode('Hello')
);

Decryption uses the private key:

const decryptedMessage = await crypto.subtle.decrypt(
  { name: 'RSA-OAEP' },
  privateKey,
  encryptedMessage
);

Explore Whisper's Code for detailed examples.

Conclusion

Cryptography strengthens data security in applications. Use symmetric encryption like AES for shared-key scenarios and asymmetric encryption for public-private key systems. Hashing ensures data integrity, especially for passwords. Select the right cryptographic approach based on your application's needs.

Need more knowledge?

Read more on Shared Key
Read more on Public Key
Read more on SHA-256
Read more on SHA-3
Read more on MD5
Read more on SHA-1
Read more on Symmetric-encryption
Read more on AES

Thanks for reading, let me know what you think about this and if you would like to see more, if you think i made a mistake or missed something, don't hesitate to comment