5. 4
4
php hash hkdf() (2018 )
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 5 / 50
6. :
Web Web
:
Bash, Git
Node.js, npm, yarn
Google Chrome and/or Firefox
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 6 / 50
7. ( )
1 &JS
2 AES
3
4 MAC
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 7 / 50
29. Node.js
AES
AES
jscu 17
API Code snippet
17
https://github.com/junkurihara/jscu
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 29 / 50
30. yarn execute post -r -p ‘ ’ ‘ ’
sample
$ yarn execute post -r -p ’my password’ ’my private data’ // -r
Register encrypted data to remote server
Data: my private data
Password: my password
Derived key and its related params: //
Derived key in Base64: fiP4flrlhd3Iwg5MOyln7zNNk4Au9If429n2uvfi43s=
PBKDF2 Param - Salt in Base64: zyD7/TGDq3dig3l4zJ5SRzFKVnIjw2KG26XUrMZFkkw=
PBKDF2 Param - Hash: SHA-256
PBKDF2 Param - Iteration: 2048
Registered id: 1 // id=1
S4lFVWrvLj4OjPfFRTgVJFfRUI+6LIlw1VooFzG2J5E=
my password
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 30 / 50
32. yarn execute get -r -p ‘ ’ ‘id ’
$ yarn execute get -r -p ’my password’ 1 // -r
Retrieve encrypted data to remote server
Id: 1
Password: my password
Derived key and its related params: //
Derived key in Base64: fiP4flrlhd3Iwg5MOyln7zNNk4Au9If429n2uvfi43s=
PBKDF2 Param - Salt in Base64: zyD7/TGDq3dig3l4zJ5SRzFKVnIjw2KG26XUrMZFkkw=
PBKDF2 Param - Hash: SHA-256
PBKDF2 Param - Iteration: 2048
Decrypted data: my private data //
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 32 / 50
33. ( )
yarn execute post -r -m ‘ ’ ‘ ’ 18
sample
$ yarn execute gen-secret 32 // Base64
Generated master secret in Base64: mP95WFEv3G/iWsjQKC4mEuEmCkiS8dRK80Q6CpC1bc0=
$ yarn execute post -r -m ’mP95WFEv3G/iWsjQKC4mEuEmCkiS8dRK80Q6CpC1bc0=’ ’my
private data’
Register encrypted data to remote server
Data: my private data
Master secret: mP95WFEv3G/iWsjQKC4mEuEmCkiS8dRK80Q6CpC1bc0=
Derived key and its related params: //
Derived key in Base64: 1vgTfxp3FEi3kpJiQ6h0vxtDCkdz+u5XQUF1tPm1VMY=
HKDF Param - Salt in Base64: 8SM9tyXJUX+JGwLswIUnnGyHPL+7hzkSHXaKY7z0AF0=
HKDF Param - Hash: SHA-256
Registered id: 2
18
Base64
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 33 / 50
34. AES CBC IV
Salt, Hash
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 34 / 50
35. yarn execute get -r -m ‘ ’ ‘id ’
$ yarn execute get -r -m ’mP95WFEv3G/iWsjQKC4mEuEmCkiS8dRK80Q6CpC1bc0=’ 2 // -r
Retrieve encrypted data to remote server
Id: 2
Master secret: mP95WFEv3G/iWsjQKC4mEuEmCkiS8dRK80Q6CpC1bc0=
Derived key and its related params: //
Derived key in Base64: 1vgTfxp3FEi3kpJiQ6h0vxtDCkdz+u5XQUF1tPm1VMY=
HKDF Param - Salt in Base64: 8SM9tyXJUX+JGwLswIUnnGyHPL+7hzkSHXaKY7z0AF0=
HKDF Param - Hash: SHA-256
Decrypted data: my private data //
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS 02 January 26, 2020 35 / 50