8 Mar 2001

Home | Hrvatski

JScriptEncrypt

This article was contributed by Tomislav Šereg <mailto:tsereg@net.hr> .

Environment: JavaScript 1.2

Please, read at least important note below on this page.

Introduction

I apologize for not-so-good English displayed in this text, especially for my "the's" and my "a's" which I still haven't quite figured out. And anything else I was not aware of.

This JavaScript library provides encryption for Web pages using simple, text-oriented method called column transposition. The idea is to write the plain text in block on the row-first bases. The text is then read column-first. The trick is in that the columns are not read from left to right, but in the order specified by the encryption key.

Possibly, some very clever individual familiar with the context of the text being encrypted might guess the original content or, at least, some parts of it. This is why simple transliteration is applied first.

If one is not concerned with government spying on them, this method may provide enough secrecy for data you would like to hide from casual visitors to your pages.

This implementation is solely textual, so encrypted text can be easily manipulated and nicely fits inside the page.  Further more, one can change the character encoding of the web page with embedded encrypted text just as any other page. Those that use several charsets (like Windows-1250 and ISO-8859-2) may find this useful.

If You'll be using this code, please email a link to <mailto:tsereg@net.hr> if appropriate. I would like to see how did You use it.

Important! Please read.

Real security is NOT something you can plug-and-play! It's a topic that requires good understanding of (at least) basics and then choosing most appropriate professional solution.

If you got some good ideas looking at code presented here, please study carefully at least document published at <http://www.rsasecurity.com/rsalabs/faq/index.html> .

What's this algorithm good for?

Rule of the thumb

This algorithm is like a lock on the door: It keeps your opportunistic neighbour away while you are at work, but does not protect you against a thief that wants to steal your new stereo and 1000 bucks you keep under the bed!

If you want a good protection, check out professional and commercial products based on PGP, RSA, IDEA, Blowfish. Check out VeriSign's certificates, Netscape's SSL and others.

Contents

Proceed to the Simple Example first.

Then look at the User's Guide so you could understand...

the advanced Address Book Example .

If you want to know how this whole thing was implemented, look at the Technical Specification .

If you prefer to see the source, open <security.js> file.

Finally, there is a Practical Guide with comments, problems and solutions I was contacted with.

Rate this script

I would appreciate very much if you would rate quality of this script!

Excellent! | Very Good | Good | Fair | Poor |

Download

Download code and articles - 34 Kb

History

Date Posted: Jun 20, 2000

Aug 4, 2000 - Added answer regarding e-mailing of encrypted text .

Posted to...

Reader Comments

Do you have a comment about this page?

Quick rate this page:

This document: <http://www.inet.hr/~tsereg/en/jse/index.html>