|
|
|
|
|
|
by cybernytrix
4377 days ago
|
|
|
Can any of you comment on my scheme described here: http://ashkash.github.io/ajaxcrypt/index.html
This should resist even active adversaries: - Statically encrypt and publish content on HTTP server
- Transmit these via HTTP to an iframe component at client browser
- transmit decryption and key routines using HTTPS.
- HTTP-iframe locally sends message to HTTPS-iframe via window.postMessage()
- HTTPS-iframe decrypts content (with pre-shared key) and renders it on page |
|
|