BigNums, BigNums, BigNums
Brian A. LaMacchia
Director, Security & Cryptography
Microsoft Research Technologies
Announcing the v1.2 release of the MSR JavaScript Cryptography Library
• MSR’s implementation of Web Cryptography API
– Written in JavaScript, so polyfill-ready
– Supports several browsers (tested with Chrome, Firefox, Safari and IE 8, 9, 10, 11)
• Now released under Apache 2.0 license
• New in v1.2:
– Added support for wrapKey and unwrapKey
– Bug fixes
Comments, questions, feedback, bug reports? Please send to
[email protected]
Why WebCrypto needs BigNums
• There are important use cases that need raw BigNum
access (both finite field and ECC operations). Examples:
• Anonymous credentials (e.g. U-Prove)
– Our U-Prove JS client library builds on the MSR JSCL to
implement blinded signatures
• Anonymous voting schemes
• New elliptic curves and associated curve arithmetic
• Performant implementations of new algorithms
– Alternative signature schemes (e.g. Schnorr)
– Bilinear pairing
– Anyone who wants to implement a new algorithm without
patching the underlying platform
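To make the slide's point concrete, here is an added example (not code from the MSR JSCL or the U-Prove library) of a Schnorr signature scheme built on nothing but big-integer modular arithmetic plus a hash. It assumes JavaScript BigInt and Node's crypto module for hashing and randomness; the group parameters and all function names are constructed for illustration, and the group is far too small for real use.

```javascript
const { createHash, randomBytes } = require("crypto");

// Constructed toy group, far too small for real use: p = 2q + 1, g has order q.
const GROUP = { p: 2039n, q: 1019n, g: 4n };

// Square-and-multiply modular exponentiation, the raw BigNum primitive.
function modPow(base, exp, mod) {
  let result = 1n;
  base %= mod;
  while (exp > 0n) {
    if (exp & 1n) result = (result * base) % mod;
    base = (base * base) % mod;
    exp >>= 1n;
  }
  return result;
}

// Uniform scalar in [1, q-1]; 64 extra random bits make the modulo bias negligible.
function randomScalar(q) {
  const bytes = randomBytes(Math.ceil(q.toString(2).length / 8) + 8);
  return (BigInt("0x" + bytes.toString("hex")) % (q - 1n)) + 1n;
}

// Fiat-Shamir challenge e = SHA-256(r || message) mod q.
function challenge(r, message, q) {
  const hex = createHash("sha256").update(r.toString(16) + "|" + message).digest("hex");
  return BigInt("0x" + hex) % q;
}

function keygen({ p, q, g }) {
  const x = randomScalar(q);               // private key
  return { x, y: modPow(g, x, p) };        // public key y = g^x mod p
}

function sign({ p, q, g }, x, message) {
  const k = randomScalar(q);               // fresh nonce per signature
  const e = challenge(modPow(g, k, p), message, q);
  return { e, s: (k + x * e) % q };
}

function verify({ p, q, g }, y, message, { e, s }) {
  // Reject out-of-range values and public keys outside the order-q subgroup.
  if (e < 0n || e >= q || s < 0n || s >= q) return false;
  if (y <= 1n || y >= p || modPow(y, q, p) !== 1n) return false;
  // g^s * y^(-e) = g^(k + xe - xe) = g^k; y^(-e) is y^(q-e) since y has order q.
  const r = (modPow(g, s, p) * modPow(y, q - e, p)) % p;
  return challenge(r, message, q) === e;
}
```

In a polyfill every `modPow` call runs in script, which is the performance gap native BigNum access would close.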
Why BigNums belong in WebCrypto
• “This should go to ECMAScript…”
• No, WebCrypto is the right place for BigNums:
– Not all JavaScript clients will implement WebCrypto, so they
won’t all have finite field and ECC operations
– But all WebCrypto implementations will have these functions in
native (if they implement any useful set of algorithms…)
– BigNum math (including both finite field and ECC curve
arithmetic) is a fundamental building block for all the
asymmetric algorithms currently defined in the Web
Cryptography API specification
• Polyfills are possible (MSR JSCL being a prime example) but
for the best performance you want access to the platform’s
native implementation of these fundamental math