JavasCrypto - How We Are Using Browsers as Cryptographic Engines

Explore the potential of browsers as cryptographic engines in this 20-minute conference talk from CypherCon 2.0. Delve into Kat Traxler's expertise as she discusses client-side encryption, security gaps, and the four holes of crypto. Learn about two approaches to browser-based cryptography, including the Web Crypto API. Examine a thought experiment on key creation and key wrap, and understand the role of hybrid libraries in modern web security. Gain valuable insights into the evolving landscape of browser-based cryptography and its implications for web developers and security professionals.

Intro
Kats background
ClientFired Encryption
Security gaps
Four holes of crypto
Two approaches
Web Crypto API
Thought Experiment
Key Creation
Key Wrap
WebCrypto API
Hybrid Libraries
Summary