Native JS Encryption

Shabsi Walfish shabsi at
Mon Mar 21 08:58:09 PDT 2011

Just FYI, you are going to run into the problem of key portability. If the
key is derived from a password, your encrypted copy of the user's data
(which might be subject to subpoena?) could be easily cracked via offline
dictionary attacks. I hope you at least plan to use a salt, many iterations
of a good derivation function, etc. IMHO, users would be better off if you
just t-of-n secret shared their storage across multiple hosts in different
countries instead, but I can see why thats a challenge.


On Mon, Mar 21, 2011 at 5:22 AM, Boris Zbarsky <bzbarsky at> wrote:

> On 3/21/11 4:40 AM, Erik Corry wrote:
>> You want to protect the user from a compromise of Mozillas servers,
> We also want to protect the user from a subpoena served to Mozilla, for
> example.  This means we must never have the data on our side, and this means
> the encryption needs to happen on the client, period.  This is not
> negotiable for proper functioning of the feature in question.
> -Boris
> _______________________________________________
> es-discuss mailing list
> es-discuss at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the es-discuss mailing list