Version 1.0 released!

2
Aug/096

Finally, jCryption version 1.0 is online now and free available for everyone.
You can download it on the jCryption Google Code site http://code.google.com/p/jcryption/.

Please give me your feedback how you like the site and jCryption itself.

Daniel G.

Filed under: Uncategorized

6 Comments

Comments (6) Trackbacks (0) ( subscribe to comments on this post )

Martin Farrow
August 12th, 2009

Hi Daniel,

Fantastic library – this is probably what I am looking for

I have a request though: I need to integrate this library into a joomla cms site and there are some issues with JQuery and joomla’s use of mootools. According to JQuery (http://docs.jquery.com/Using_jQuery_with_Other_Libraries) you can put it into noConflict mode which eliminates the $ shortcut. Can you provide an updated js file without the shortcut?

Regards,
- Martin

( REPLY )
- Daniel Griesser
  August 12th, 2009
  
  jCryption is written with an alias …
  You should’t have problems when you call jCryption correctly …
  
  (function($){
  …
  })(jQuery);
  
  That means I can use $ as I like in the plugin because it’s an alias for jQuery.
  I tested it now, and it works fine.
  
  ( REPLY )
  - Martin Farrow
    August 12th, 2009
    
    Thanks for the quick response. My JS experience is limited
    
    ( REPLY )
Steve Weis
August 8th, 2009

This uses raw RSA in ECB mode. It is subsequently vulnerable to both chosen-plaintext and replay attacks. Plus, like most Javascript crypto, it’s vulnerable to man-in-the-middle attacks.

Just use SSL. And watch this lecture by Nate Lawson: http://www.youtube.com/watch?v=ySQl0NhW1J0

( REPLY )
Sebastian Otaegui
August 8th, 2009

Hello Daniel, I really like your library.
It would be nice that you could inform in you home page that this doesnt replace ssl by any means, because depending on the kind of data your site manages, is not only important to encrypt the form posts but the data returned too.
Your library would be awesome (I think) to add login encription to phpbb.

( REPLY )
- Daniel Griesser
  August 8th, 2009
  
  Hi
  Thanks for your reply …
  Yes, you are right jCryption is no replacement for SSL but i wrote this in the FAQ section.
  The idea that encrypted data is sent back to the client is a nice idea, I already thought of that but in the full featured example you can see a “walk around” where you do not need to send back data to the client (if you only want to validate something).
  But to send back encrypted data would be definitely a nice addition to jCryption.
  
  ( REPLY )

No trackbacks yet.

jCryption javascript data encryption

Version 1.0 released!

Leave a comment

Download: