undefined | Better HN

0 pointsygjb13y ago0 comments

Until DomCrypt[1] is implemented there is no reliable way to implement a CSPRNG in Javascript (that I am aware of!). The only way to do this securely would be to supply a page that includes some javascript to process a secret key that the user provides to the page which would then generate the CSR. It would be more effective to write all of this sites functionality into a shell script.

[1] http://www.w3.org/TR/WebCryptoAPI/

0 comments

subleq13y ago

I did a CSPRNG in Javascript using mouse movements for entropy: https://github.com/fusionbox/mouseware

ygjbOP13y ago

I don't see a detailed analysis of your RNG that would support the claim that it is suitable for use as a CSPRNG.

j / k navigate · click thread line to collapse

0 pointsygjb13y ago0 comments

[1] http://www.w3.org/TR/WebCryptoAPI/

0 comments

subleq13y ago

I did a CSPRNG in Javascript using mouse movements for entropy: https://github.com/fusionbox/mouseware

ygjbOP13y ago

I don't see a detailed analysis of your RNG that would support the claim that it is suitable for use as a CSPRNG.

j / k navigate · click thread line to collapse