Tuesday, June 19, 2012

Javascript Encryption

On a whim, curiosity struck me and I looked up encryption with javascript. Probably when I was looking at encrypting data in a Google spreadsheet. I found several blowfish encryption routines that are javascript based. What is interesting is that this makes it possible to encrypt something completely on the client-side without the key ever being sent to a server.

I decided to experiment with on of the algorithms (http://theweekly.co.uk/blowfish_remix/). I wrote mock up that follows. You can test it using the existing key or entering a new one, typing or pasting a string in the text field or use the text already there, and then encoding it. Finally, you can decode it again.

So for the example, after picking a key, click "Set Key".  Then click "Encode".  The encrypted text will appear in the middle textbox.  To decode this text, just click "Decode" and the decoded text will appear in the last box.


As stated above, all actions take place client-side. This means data can be encrypted and then sent via email, stored in an online document (spreadsheet or document), or anything else along these lines.  A good idea with Google spreadsheets since an entry into a cell can be saved via and AJAX call before you encrypt it with something like the function in the post above.

There is one quirk with the alorithm. The text that is being encrypted needs to have a length that is a multiple of 8. If it isn't, when the encrypted code is decrypted, it will be padded with 0's (you still get the original back). I added some code to pad the data with spaces so that the original is returned.

The following textarea contains the code used to generate the example above.