[eliteraspberrie]

I'm the average Javascript programmer. I'm writing some web app and I need to do some cryptography. Let's see, there's Math.random and Crypto.getRandomValues. Let's go with Math.random, for shiggles. I'm probably copy-pasting from Stack Overflow.

Will renaming a function or two fix my bad behaviour?

The answer to "Should I use Math.random or X" is neither! I should be using a cryptography library like SJCL or tweetnacl-js:

http://bitwiseshiftleft.github.io/sjcl/

http://dchest.github.io/tweetnacl-js/

[strangecasts]

Out of curiosity: in which scenario is JS crypto preferable to TLS?

[squidlogic]

Probably not to TLS, but TLS is typically solving a different problem than the one people are trying to solve using JS crypto.

One valid use, I think, could be around ensuring you don't pollute your backend with user data to avoid liability.

For example, if you wanted to use a distributed database in your backend and needed guarantees that when you delete data it is deleted everywhere at once, you could use JS crypto to do client-side encryption of the data and only have to delete the key to render the distributed data inert.

I heard about this through an article that was on HN a few weeks back (https://blog.balboa.io/yet-another.html)

[granos]

When you (or the recipient) don't want the recipient to be able to read the data, but only to store/transfer it somewhere.

In some cases its impossibly/impractical to create a direct connection between 2 computers: you must use some kind of relay. If you don't want the relay to comprehend the data then you can use client side crypto on the payload. TLS still matters because it prevents 3rd parties from peeking at the communication.

Imagine a secure chat app where you want to guarantee that only you and your friend can read the communications, but want to be able to send offline messages to each other that get delivered upon connection.

[sneak]

Well, in his web app example above, it's not - but these days more and more clientside apps (which remain on the client - e.g. mobile apps built with React Native) are implemented fully in JS.

Also, installed browser extensions are download-once and may need cryptographic functionality.

[buu700]

I can name exactly one. Cyph (cyph.com) accomplishes secure E2E encrypted messaging by pinning a bootstrap in the browser that validates and executes cryptographically signed packages.