Use Case
TED application is built upon FileCrypter which essentially uses AESGCM-SIV for crypto function in GO. TED encipher and decipher an input string instead of a file. With this, TED is possible to be used to encipher/decipher text for communications such as email, SMS, Over-The-Top Messaging platform such as WhatsApp, LINE, WeChat, SKYPE. TED can also be used for performing Field Encryption on input data so data remains encrypted at rest and storage.
With TED WASM, the wasm binary file is downloaded in the browser's workload. Any data that needs to be encrypted can be send to the local wasm file to perform the encryption locally within the browser before sending or POSTing the data to the Server. This way it ensures field encryption is started in the user's browser, giving true privacy on user's sensitive data. The encrypted data is transmitted in flight encryption tunnel (HTTPS/TLS) towards the Server which is likely to cross several intermediaries (proxy, gateway, loadbalancer and Frontend Server) before storing or processed by the Application server. Underneath the Internet infrastructure, traffic crosses many ASN and network peering before reaching the intended destination. Field Encrypting allows data at rest to remain encrypted even when HTTPS/TLS session (data in transit) has terminated. Only the end application that needs to process the data will have the keys and algorithm to decipher the data.
TED WASM can be further modified to include a SALT and password/token/secret keys to be used on the data, strengthening the crypto process.
Existing JS does have libraries that perform crypto functions. However, the crypto libraries are not always up to date with the latest cipher suite. WASM allows developer to build crypto programs using the latest cipher suite and the same logic developed for backend to be re-used on frontend, the mantra of build once and re-use. TED-WASM showcase this possibilities, with the logic built on top of FileCrypter and then extended for TED CLI, all re-using the AESGCM-SIV cipher.
TED can be used to perform text encryption and decryption just like Enigma, using the encrypted text for communication in emails, SMS, Over-The-Top messaging platforms. The example shown here has a html and js that sends the text to TED-WASM, which is downloaded to the browser when the page is loaded. Encryption and Decryption operation happens locally within the browser workspace. TED supports both single-byte and double-byte language.
When there is a need for user to share sensitive and confidential information, it is important to ensure the user's privacy and data secured. Field Encryption allows the piece of data to be encrypted and then stored (in permanent or semi permanent storage). A good example of such sensitive data could be User Personal Identifier number or Credit Card details used for payment. Data such as these are typically send back from the browser to the Server in HTTPS/TLS transport, ensuring the transit is secured. However, the Internet is build over several peering agreement and crosses many ASN boundaries. The infrastructure could also consists of many intermediaries such as CDN, proxy, gateway, frontend server before the application that process it will received it. Field Encryption ensure highly sensitive data stays encrypted at rest and even during transit. The below shows a typical Credit Card Payment Form, capturing sensitive Credit Card details. TED-WASM can be used to encrypt these data before POSTING the data back to the Server or Payment gateway. TED-WASM can work on JSON data as well as string data. The HTML and JS codes used are here . It uses the same concept as Use-Case 1, with js sending the data to TED-WASM binary for crypto operation.
