Cryptography Executed in Web Browsers – Achieving Convenient End-to-End Security for Lock Access Control

University essay from Uppsala universitet/Institutionen för informationsteknologi

Author: Chanvuth Chea; [2023]


Abstract: Many client-server applications are not protected with end-to-end security, allowing the web server to control all data. This thesis evaluates the feasibility of executing modern cryptography in the web browser and proposes an end-to-end security design for cloud-based lock access control.

Multiple cryptography libraries and packages that can run in web browsers have been evaluated in terms of computation time and space. The Networking and Cryptography Library (NaCl) was found to include modern state-of-the-art cryptographic schemes that can be used to build web applications with end-to-end security. All tested NaCl and its superseded packages were efficient enough not to be noticeable by end users, as each cryptographic operation takes less than 50 milliseconds on the tested devices. One of its WebAssembly packages was chosen, as it was found to be much more performant than its JavaScript counterpart and just as secure. Secure cryptographic key management in the web browser was also found to be possible. The keys can be stored using the web browser's built-in IndexedDB and a Web Crypto API AES-GCM CryptoKey. The AES-GCM key can either be a random key or be derived from a password using PBKDF2. When it is derivable from PBKDF2, the cryptographic keys can be easily recovered when the web browser data is cleared.

The lock access control prototype, which regulates user-lock permissions, showcases how end-to-end encryption can be utilized for lock access delegation and logging. A user can delegate access permissions to another user without the web server having any control over the locks. Moreover, confidentiality, authenticity, and integrity of the log entries generated by the locks were achieved and are auditable. Therefore, end-to-end security is accomplished and deemed efficient and scalable for the implemented use cases. For an encrypted log entry readable by 10 lock owners, the ciphertext is around 1,900 bytes and takes approximately 200 milliseconds to be transferred back to a smartphone that was used to communicate with a Near Field Communication lock.
