Biting into the Forbidden Fruit
Offered By: BruCON Security Conference via YouTube
Course Description
Overview
Explore the controversial world of JavaScript cryptography in this thought-provoking conference talk from BruCON 0x06. Delve into the history of JS crypto, examine its perceived flaws, and challenge the notion that it's inherently insecure. Discover real-world examples of high-profile crypto libraries, applications, and systems tested for vulnerabilities. Compare JavaScript cryptography to established implementations like OpenSSL, BouncyCastle, and GnuPG. Analyze various security aspects, including XSS, man-in-the-middle attacks, PRNGs, and timing side-channels. Gain insights into language-specific issues, browser quirks, and platform-related challenges. Leave with a comprehensive, updated, and opinionated view on the state of JavaScript cryptography, equipped to question long-held beliefs and make informed decisions about its use in modern web applications.
Syllabus
Intro
About me
JS crypto history
Doomed to fail?
Action plan
Language issues matter
Javascript in a glance
Bit quirks
Magic properties
Silent errors
16 snowmen attack!
AES - SubBytes
Encrypting...
Implicit type coercion
Decrypting...
Web platform
XSS
Poor randomness
Timing side-channels
Compiler optimisation
Direct memory access
Browser extension
Taught by
BruCON Security Conference