Skip to content

Latest commit

 

History

History
47 lines (34 loc) · 3 KB

README.md

File metadata and controls

47 lines (34 loc) · 3 KB
Raw

SJCL: Searchable Encryption

An extension to The Stanford Javascript Crypto Library, providing basic searchable symmetric encryption.

Searchable symmetric encryption (SSE) allows a party to outsource the storage of his data to another party in a private manner, while maintaining the ability to selectively search over it.

~ Searchable Symmetric Encryption: Improved Definitions and Efficient Constructions

Applications: (Basically anything that involves tagging or querying private data.)

  1. Outsourcing functionality like spam detection and search to a backend server in encrypted email services.
  2. Raw data and file storage.
  3. ...?

Compiling

For those who'd prefer to compile the CoffeeScript into JavaScript and run that instead:

coffee -c ./searchable.coffee

Regardless of what filetype is in use, an appropriately compiled sjcl.js should always be loaded before this library is.

Documentation

This implementation of SSE is intended for the browser, while caesar's implementation can be used on the backend! Also, there are a lot of naunces to using SSE that would be better understood by reading over the example, reading caesar's documentation, or reading the paper itself, rather than making me try to explain it.

  • sjcl.searchable.tokenize(corpus) - The basic, stock tokenizer. Takes a corpus and returns the array of unique words it contains without caps or punctuation.
    1. corpus - Body of text to be tokenized. (String)
    2. Returns the tokenized corpus. (Array)
  • sjcl.searchable.secureIndex(keystore, max, indexes...) - Encrypts a data's index so that it can be sent to an untrusted party.
    1. keystore - The unencrypted keystore. Will be changed by the function! (Object)
    2. max - The size in bytes of the largest document in the collection. (Number)
    3. indexes... - The indexes to be secured. The first index can be an array generated by a tokenizer, but the rest after that need to be in proper form (the form provided by the server).
    4. Returns an object containing:
    • newId - A new, randomly generated id. Only useful if the functionality discussed above is utilized. (String)
    • newDomain - A new, ranodmly generated domain name. Always useful, since this will always create a new domain. (String)
    • index - The secured index, which can be published to the server. (Object)
  • sjcl.searchable.createQuery(keystore, tokens...) - Encrypts a query so that it can be sent to an untrusted party.
    1. keystore - The unencrypted keystore. (Object)
    2. tokens... - The individual tokens to generate queries for. (String)
    3. Returns an array of objects, where each object is a query for an individual token. (Array)