book

Essential Cryptography for JavaScript Developers

Name: Essential Cryptography for JavaScript Developers
Author: Alessandro Segala
ISBN: 9781801075336

by Alessandro Segala

February 2022

Intermediate to advanced

220 pages

5h 4m

English

Packt Publishing

Read now

Unlock full access

Essential Cryptography for JavaScript Developers
ContributorsAbout the authorAbout the reviewers
Preface
Who this book is forWhat this book coversTo get the most out of this bookDownload the example code filesDownload the color imagesConventions usedGet in touchShare Your Thoughts
Part 1 – Getting Started
Chapter 1: Cryptography for Developers
What is cryptography and why should a developer care?Protecting secrets……and the other uses of modern cryptographyWhy this matters to developersWhat this book is about – and what it's notRules of engagementDefining "safe"Types and "layers" of encryptionSummary
Chapter 2: Dealing with Binary and Random Data
Encoding and representing binary dataA brief word on character encodings and why we encode binary dataBuffers in Node.jsHex encodingBase64Generating cryptographically secure random byte sequencesThe importance of randomnessUsing crypto.randomBytesSummary
Part 2 – Using Common Cryptographic Operations with Node.js
Chapter 3: File and Password Hashing with Node.js
Technical requirementsAn overview of hashing functionsProperties of hashing functions, and how they differ from encryptionUses for hashing functionsCalculating digests and generating identifiersHashing a short message or stringHashing large files and streamsHow to "break" a hashFast hashing functions and low-entropy inputsRainbow tablesHashing passwords and deriving keysArgon2ScryptOlder hashing functionsCollisionsSummary
Chapter 4: Symmetric Encryption in Node.js
Technical requirementsSymmetric and asymmetric encryptionSymmetric encryption with AESKey lengthMode of operationInitialization vectorUsing AES with Node.jsSymmetric encryption with ChaCha20-Poly1305Example usage with Node.jsWhen to use ChaCha20-Poly1305 or AES-GCMKey derivationReusing keysWrapping keys and best practices for encrypting large documentsAES Key WrapWrapping user keysSummary
Chapter 5: Using Asymmetric and Hybrid Encryption in Node.js
Technical requirementsUnderstanding public-key and hybrid cryptosystemsThe need for public-key cryptographyHybrid cryptosystemsLoading, exporting, and encoding public and private keysEncoding keys as PEMReading and exporting keysUsing RSA with Node.jsGenerating an RSA key pairUsing RSA for encryption and decryptionHybrid encryption with RSA and AESKey agreements with Elliptic-Curve Diffie-HellmanPicking a curveGenerating EC key pairsDiffie-Hellman key agreements and Perfect Forward SecrecyPerforming an ECDH key agreementData encryption with ECIESSummary
Chapter 6: Digital Signatures with Node.js and Trust
Technical requirementsThe what, how, and why of digital signaturesHashes and digital signaturesProperties of digital signaturesHow digital signatures workDigital signatures and encryptionHow developers use digital signaturesCalculating and verifying digital signatures with Node.jsUsing RSAUsing elliptic curvesTrust and certificatesThe problem of trusting keysPublic keys and certificatesPublic Key InfrastructureAlternative approachesSummary

Part 3 – Cryptography in the Browser
Chapter 7: Introduction to Cryptography in the Browser
Technical requirementsPlaygroundIn Node.jsAbout cryptography in the browser – uses and challengesChallenges of cryptography in the browserBuilding browser-based apps that use cryptographyBinary data in the browserBuffers and typed arrays in the browserGenerating random dataKeys in Web CryptoThe CryptoKey objectGenerating keysImporting keysExporting keysSummary
Chapter 8: Performing Common Cryptographic Operations in the Browser
Technical requirementsHashing and key derivationCalculating checksumsHashing passwordsDeriving encryption keysSymmetric encryptionEncrypting and decrypting messages with AESAsymmetric and hybrid cryptographyEncrypting and decrypting short messages with RSAHybrid encryption with RSA and AESUsing elliptic curves for ECDH key agreements and ECIES hybrid encryptionDigital signaturesDigital signatures with the WebCrypto APIsCalculating and verifying RSA signaturesCalculating and verifying ECDSA signaturesSummary
Why subscribe?
Other Books You May EnjoyPackt is searching for authors like youShare Your Thoughts

Overview

Discover how to easily integrate cryptographic operations into your JavaScript applications, enhancing both security and user privacy. With "Essential Cryptography for JavaScript Developers," you will understand the practical applications of safe encryption, hashing, and key management using examples in both Node.js and browser environments.

What this Book will help me do

Implement cryptographic operations like hashing, encryption, and signature creation using JavaScript.
Choose and apply modern cryptographic algorithms such as AES, RSA, and Elliptic Curve Cryptography.
Utilize cryptographic libraries effectively to ensure secure handling of data and key management.
Gain a thorough understanding of password hashing techniques including Argon2 and SHA-2.
Develop privacy-respecting, secure applications across both server and client-side platforms.

Author(s)

None Segala is a seasoned software developer with extensive experience in developing secure, modern applications. They specialize in teaching complex technical topics in an understandable and approachable way, with a passion for data security and privacy.

Who is it for?

This book is tailored for software developers and JavaScript enthusiasts who have an intermediate understanding of JavaScript and an interest in incorporating cryptography into their applications. It is ideal for professionals aiming to create secure and privacy-focused software or delve deeper into the world of cryptographic applications.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781801075336

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills