Essential Cryptography for JavaScript Developers

By : Alessandro Segala

Essential Cryptography for JavaScript Developers

By: Alessandro Segala

Overview of this book

If you’re a software developer, this book will give you an introduction to cryptography, helping you understand how to make the most of it for your applications. The book contains extensive code samples in JavaScript, both for Node.js and for frontend apps running in a web browser, although the core concepts can be used by developers working with any programming language and framework. With a purely hands-on approach that is focused on sharing actionable knowledge, you’ll learn about the common categories of cryptographic operations that you can leverage in all apps you’re developing, including hashing, encryption with symmetric, asymmetric and hybrid ciphers, and digital signatures. You’ll learn when to use these operations and how to choose and implement the most popular algorithms to perform them, including SHA-2, Argon2, AES, ChaCha20-Poly1305, RSA, and Elliptic Curve Cryptography. Later, you’ll learn how to deal with password and key management. All code in this book is written in JavaScript and designed to run in Node.js or as part of frontend apps for web browsers. By the end of this book, you'll be able to build solutions that leverage cryptography to protect user privacy, offer better security against an expanding and more complex threat landscape, help meet data protection requirements, and unlock new opportunities.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Download the color images

Conventions used

Get in touch

Share Your Thoughts

Part 1 – Getting Started

Free Chapter

Chapter 1: Cryptography for Developers

What is cryptography and why should a developer care?

Defining "safe"

Types and "layers" of encryption

Summary

Chapter 2: Dealing with Binary and Random Data

Encoding and representing binary data

Base64

Generating cryptographically secure random byte sequences

Summary

Part 2 – Using Common Cryptographic Operations with Node.js

Chapter 3: File and Password Hashing with Node.js

Technical requirements

An overview of hashing functions

Calculating digests and generating identifiers

How to "break" a hash

Hashing passwords and deriving keys

Older hashing functions

Summary

Chapter 4: Symmetric Encryption in Node.js

Technical requirements

Symmetric and asymmetric encryption

Symmetric encryption with AES

Symmetric encryption with ChaCha20-Poly1305

Key derivation

Wrapping keys and best practices for encrypting large documents

Summary

Chapter 5: Using Asymmetric and Hybrid Encryption in Node.js

Technical requirements

Understanding public-key and hybrid cryptosystems

Loading, exporting, and encoding public and private keys

Using RSA with Node.js

Key agreements with Elliptic-Curve Diffie-Hellman

Summary

Chapter 6: Digital Signatures with Node.js and Trust

Technical requirements

The what, how, and why of digital signatures

Calculating and verifying digital signatures with Node.js

Trust and certificates

Summary

Part 3 – Cryptography in the Browser

Chapter 7: Introduction to Cryptography in the Browser

Technical requirements

About cryptography in the browser – uses and challenges

Binary data in the browser

Keys in Web Crypto

Summary

Chapter 8: Performing Common Cryptographic Operations in the Browser

Technical requirements

Hashing and key derivation

Symmetric encryption

Asymmetric and hybrid cryptography

Digital signatures

Summary

Why subscribe?

Other Books You May Enjoy

Packt is searching for authors like you

Share Your Thoughts

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Chapter 1: Cryptography for Developers

"Dance like no one's watching. Encrypt like everyone is."

– Anonymous

Few things are as important for application security as cryptography. Done properly, it can make data unreadable to attackers even if you suffer a breach. But do it wrong, and it can actually amplify the impact of other vulnerabilities.

While cryptography is incredibly accessible to developers nowadays, many still have questions around how to use it, when to use it, and which of the many options or algorithms to pick.

This book will try to answer those questions without going into formal, academic explanations, and without complex mathematical formulas or diagrams, in a way that is friendly to developers. Unlike many other books on the topic, our goal won't be to train you to become a cryptographer. Instead, by the end of this book, you'll hopefully have enough knowledge of the most important algorithms to be able to use them in your code confidently.

All code samples in this book are written in JavaScript and assume a Node.js execution environment, with the exception of Part 3, Cryptography in the browser, in which we'll look at the Web Crypto APIs for usage in a web browser. However, even if you code in a different programming language, you will be able to follow along to learn the core concepts, and then replicate them in your preferred stack using one of the many libraries that are available to you.

In this first chapter, we're going to introduce the book and cover the following topics:

An overview of what cryptography is and why it matters to developers
A definition of "safe" in the context of cryptography
Types and "layers" of encryption

Essential Cryptography for JavaScript Developers

By : Alessandro Segala

Essential Cryptography for JavaScript Developers

By: Alessandro Segala

Overview of this book

Related Content you might be interested in

Current Title:

Essential Cryptography for JavaScript Developers

Demystifying Cryptography with OpenSSL 3.0

Hands-On Cryptography with Python

TLS Cryptography In-Depth

Chapter 1: Cryptography for Developers