[Cryptography] [cryptography] Browser JS (client side) crypto FUD

Tony Arcieri bascule at gmail.com
Fri Aug 1 12:51:22 EDT 2014


On Fri, Aug 1, 2014 at 4:33 AM, ianG <iang at iang.org> wrote:

> Well, no.  Implementing HTTPS:// is hard.  It is simply out of the cost
>  range of about 99% of the websites [0].  Otherwise they would.

> [0] old figures.  It used to be that around 1% of the websites used
> HTTPS, no idea what it is now.


[0] Citation needed

Modern CPUs have crypto accelerators (e.g. AES-NI). HTTPS is cheaper than
ever before.

The alternative is, what, everyone handroll their own JS crypto that only
protects against passive attacks and easily folds when confronted with an
active attacker?

> The fact that *you might be able to reach that high bar* is irrelevant.
>  What is relevant is the 2 decades of history that we have that says
> clearly, HTTPS is simply too expensive.
>

Since things like FireSheep made people aware that the use of unencrypted
communications is dangerous, HTTPS has seen a massive proliferation in
usage. Certain CDNs are contemplating making HTTPS a part of the base
package rather than an add-on.

So no, HTTPS cost and usage aren't problems. HTTPS is cheaper than ever to
deploy and that trend will continue. The problem is people making silly
excuses not to deploy HTTPS.


> Yes, and they can make that argument.  HTTPS and PKI carries with it
> some downsides such as vulnerability to CA-based attacks


I thought we were talking about passive attacks


> tracking,
>

If you load some crypto JS over plaintext HTTP, a passive attacker can see
you're doing this, and words like "crypto" might be interesting to their
keyword analysis systems.

HTTPS would prevent this.


> JS crypto is BTNS -- better than nothing security.
>

So is ROT13

-- 
Tony Arcieri