Essential Cryptography for JavaScript Developers: A practical guide to leveraging common cryptographic operations in Node.js and the browser
- Length: 220 pages
- Edition: 1
- Language: English
- Publisher: Packt Publishing
- Publication Date: 2022-02-28
- ISBN-10: 1801075336
- ISBN-13: 9781801075336
- Sales Rank: #905536 (See Top 100 Books)
Discover how to take advantage of common cryptographic operations to build safer apps that respect users’ privacy with the help of examples in JavaScript for Node.js and browsers
Key Features
- Understand how to implement common cryptographic operations in your code with practical examples
- Learn about picking modern safe algorithms, which libraries you should rely on, and how to use them correctly
- Build modern and secure applications that respect your users’ privacy with cryptography
Book Description
If you’re a software developer, this book will give you an introduction to cryptography, helping you understand how to make the most of it for your applications. The book contains extensive code samples in JavaScript, both for Node.js and for frontend apps running in a web browser, although the core concepts can be used by developers working with any programming language and framework.
With a purely hands-on approach that is focused on sharing actionable knowledge, you’ll learn about the common categories of cryptographic operations that you can leverage in all apps you’re developing, including hashing, encryption with symmetric, asymmetric and hybrid ciphers, and digital signatures. You’ll learn when to use these operations and how to choose and implement the most popular algorithms to perform them, including SHA-2, Argon2, AES, ChaCha20-Poly1305, RSA, and Elliptic Curve Cryptography. Later, you’ll learn how to deal with password and key management. All code in this book is written in JavaScript and designed to run in Node.js or as part of frontend apps for web browsers.
By the end of this book, you’ll be able to build solutions that leverage cryptography to protect user privacy, offer better security against an expanding and more complex threat landscape, help meet data protection requirements, and unlock new opportunities.
What you will learn
- Write JavaScript code that uses cryptography running within a Node.js environment for the server-side or in frontend applications for web browsers
- Use modern, safe hashing functions for calculating digests and key derivation, including SHA-2 and Argon2
- Practice encrypting messages and files with a symmetric key using AES and ChaCha20-Poly1305
- Use asymmetric and hybrid encryption, leveraging RSA and Elliptic Curve Cryptography with ECDH and ECIES
- Calculate and verify digital signatures using RSA and ECDSA/EdDSA
- Manage passwords and encryption keys safely
Who this book is for
This cryptography book is an introductory guide for software developers who don’t necessarily have a background in cryptography but are interested in learning how to integrate it in their solutions, correctly and safely. You’ll need to have at least intermediate-level knowledge of building apps with JavaScript and familiarity with Node.js to make the most of this book.
Essential Cryptography for JavaScript Developers Contributors About the author About the reviewers Preface Who this book is for What this book covers To get the most out of this book Download the example code files Download the color images Conventions used Get in touch Share Your Thoughts Part 1 – Getting Started Chapter 1: Cryptography for Developers What is cryptography and why should a developer care? Protecting secrets… …and the other uses of modern cryptography Why this matters to developers What this book is about – and what it's not Rules of engagement Defining "safe" Types and "layers" of encryption Summary Chapter 2: Dealing with Binary and Random Data Encoding and representing binary data A brief word on character encodings and why we encode binary data Buffers in Node.js Hex encoding Base64 Generating cryptographically secure random byte sequences The importance of randomness Using crypto.randomBytes Summary Part 2 – Using Common Cryptographic Operations with Node.js Chapter 3: File and Password Hashing with Node.js Technical requirements An overview of hashing functions Properties of hashing functions, and how they differ from encryption Uses for hashing functions Calculating digests and generating identifiers Hashing a short message or string Hashing large files and streams How to "break" a hash Fast hashing functions and low-entropy inputs Rainbow tables Hashing passwords and deriving keys Argon2 Scrypt Older hashing functions Collisions Summary Chapter 4: Symmetric Encryption in Node.js Technical requirements Symmetric and asymmetric encryption Symmetric encryption with AES Key length Mode of operation Initialization vector Using AES with Node.js Symmetric encryption with ChaCha20-Poly1305 Example usage with Node.js When to use ChaCha20-Poly1305 or AES-GCM Key derivation Reusing keys Wrapping keys and best practices for encrypting large documents AES Key Wrap Wrapping user keys Summary Chapter 5: Using Asymmetric and Hybrid Encryption in Node.js Technical requirements Understanding public-key and hybrid cryptosystems The need for public-key cryptography Hybrid cryptosystems Loading, exporting, and encoding public and private keys Encoding keys as PEM Reading and exporting keys Using RSA with Node.js Generating an RSA key pair Using RSA for encryption and decryption Hybrid encryption with RSA and AES Key agreements with Elliptic-Curve Diffie-Hellman Picking a curve Generating EC key pairs Diffie-Hellman key agreements and Perfect Forward Secrecy Performing an ECDH key agreement Data encryption with ECIES Summary Chapter 6: Digital Signatures with Node.js and Trust Technical requirements The what, how, and why of digital signatures Hashes and digital signatures Properties of digital signatures How digital signatures work Digital signatures and encryption How developers use digital signatures Calculating and verifying digital signatures with Node.js Using RSA Using elliptic curves Trust and certificates The problem of trusting keys Public keys and certificates Public Key Infrastructure Alternative approaches Summary Part 3 – Cryptography in the Browser Chapter 7: Introduction to Cryptography in the Browser Technical requirements Playground In Node.js About cryptography in the browser – uses and challenges Challenges of cryptography in the browser Building browser-based apps that use cryptography Binary data in the browser Buffers and typed arrays in the browser Generating random data Keys in Web Crypto The CryptoKey object Generating keys Importing keys Exporting keys Summary Chapter 8: Performing Common Cryptographic Operations in the Browser Technical requirements Hashing and key derivation Calculating checksums Hashing passwords Deriving encryption keys Symmetric encryption Encrypting and decrypting messages with AES Asymmetric and hybrid cryptography Encrypting and decrypting short messages with RSA Hybrid encryption with RSA and AES Using elliptic curves for ECDH key agreements and ECIES hybrid encryption Digital signatures Digital signatures with the WebCrypto APIs Calculating and verifying RSA signatures Calculating and verifying ECDSA signatures Summary Why subscribe? Other Books You May Enjoy Packt is searching for authors like you Share Your Thoughts
Donate to keep this site alive
How to download source code?
1. Go to: https://github.com/PacktPublishing
2. In the Find a repository… box, search the book title: Essential Cryptography for JavaScript Developers: A practical guide to leveraging common cryptographic operations in Node.js and the browser
, sometime you may not get the results, please search the main title.
3. Click the book title in the search results.
3. Click Code to download.
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.