JavaScript Cryptography

As announced in a blog post, we have released a beta test version of the highly optimized Pomcor JavaScript Cryptographic Library (PJCL). The initial version of the library provides symmetric and asymmetric digital signature functionality, including HMAC, DSA, and ECDSA with NIST curves. Broader cryptographic functionality will be included in future releases.

JavaScript was originally intended for performing simple tasks in web pages, but it has grown into a sophisticated general purpose programming language used for both client and server computing, and, in the client, for both web apps and native apps. JavaScript is arguably the most important programming language today.

Good performance of public key cryptography is difficult to achieve in JavaScript, because JavaScript is an interpreted language inherently slower than a compiled language such as C, and provides floating point arithmetic but no integer arithmetic. But fast JavaScript public key cryptography is worth the effort, because it may radically change the way cryptography is used in web applications. PJCL is built atop a very fast implementation of big integer arithmetic, which may be of interest in its own right. The big integer subset includes Karatsuba multiplication, fast modular exponentiation and primality testing. As described in the documentation, we have measured between 7 and 11 times faster modular exponentiation speeds in PJCL than in the Stanford JavaScript Cryptographic Library (SJCL) on various browsers.

An alternative to implementing cryptography in JavaScript is to use the Web Cryptography API of the W3C. This approach is appealing because it provides JavaScript applications with access to cryptographic primitives implemented by the browser or the operating system, presumably in C, possibly with assembly language optimizations. But the W3C API is unnecessarily complicated, requiring fast cryptographic primitives to be invoked via asynchronous JavaScript promises. By contrast, PJCL has a synchronous interface; background processing for slow operations can be easily implemented using a web worker, as exemplified in DSA performance testing code included in the downloadable zip archive. Another drawback of the W3C API is that full stack developers who use it in the browser must use a different API on the server. Furthermore, the widespread integration of just-in-time compilers in modern JavaScript engines means that a JavaScript implementation of cryptography may be competitive with a C implementation made accessible to JavaScript code by the W3C API.