0.0.3 • Published 6 years ago

e2e-crypto v0.0.3

License
MIT

WORK IN PROGRESS | End-To-End Encryption utility function

WIP: This is the module used in zakardo.io to implement end-to-end encryption for all of our users' sensitive data.

Password hash generation

Since we are implementing E2E Encryption, the user's password is to be used to generate the secret for all data encryption.

This means that at no point should the clear-text password be available on the server, not even in memory before being hashed and saved. Nor should anyone with access to all the data on the server be able to retrieve it.

To make this possible, we create a hash of the password in the client, using the username + password as the key, and then save the hash on the server for authentication purposes.

Example:

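// Load the module (package name as published: e2e-crypto)
const e2e_crypto = require("e2e-crypto");

let username = "zak";
let password = "My Awesome Super Safe Password";
// Hash the password in the client, keyed by username + password
let hashed_password = e2e_crypto.password_hash(username, password);
console.log(hashed_password);
// This will produce the following:
// bSClWKeDmuYTzsvoocyGlP9IdgRXSFT3g6Im68yEUNR8DUKOWPAGlibh6NG3sfzAFPtDJ4tfToht7ryP8CJsZw==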
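
The scheme described above uses the password both for login and as the source of the encryption secret, so the value saved on the server must not also be usable as the data key. The following is an added example using Node's built-in crypto, not the e2e-crypto source: the function names, labels, scrypt parameters and the AES-256-GCM choice are assumptions, and its output will not match the hash printed above.

```javascript
// Added example, not the e2e-crypto source. Function names, labels and
// KDF parameters are assumptions made for illustration.
const crypto = require('crypto');

// Client: stretch the password with scrypt, using the username as the
// salt so identical passwords give different output per user.
function deriveClientSecrets(username, password) {
  const salt = crypto.createHash('sha256').update('example-salt:' + username).digest();
  const master = crypto.scryptSync(password, salt, 32, { N: 16384, r: 8, p: 1 });
  // Two labels give two independent values: one is sent to the server,
  // the other never leaves the client.
  const expand = (label) => crypto.createHmac('sha256', master).update(label).digest();
  return { authHash: expand('auth').toString('base64'), encKey: expand('enc') };
}

// Server: authHash works like a password for login, so keep only a
// digest of it and compare in constant time.
function serverRecord(authHash) {
  return crypto.createHash('sha256').update(authHash).digest();
}
function serverVerify(record, authHash) {
  return crypto.timingSafeEqual(record, serverRecord(authHash));
}

// Client: AES-256-GCM with a fresh 12-byte nonce per message.
// Blob layout: nonce (12) | auth tag (16) | ciphertext.
function encrypt(encKey, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', encKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]);
}
function decrypt(encKey, blob) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', encKey, blob.subarray(0, 12));
  decipher.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]).toString('utf8');
}

// Constructed sample run, reusing the credentials from the example above.
const secrets = deriveClientSecrets('zak', 'My Awesome Super Safe Password');
const record = serverRecord(secrets.authHash);
const blob = encrypt(secrets.encKey, 'user note');
console.log(serverVerify(record, secrets.authHash), decrypt(secrets.encKey, blob));
```

Only `authHash` and the encrypted blob are sent to the server; a copy of the server's stored record gives neither `encKey` nor the password without a guessing attack against scrypt.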