OpenPGP.js is a cryptography library that implements the OpenPGP standard, mostly used for e mail encryption. ProtonMail, Mailvelope, and FlowCrypt all use OpenPGP.js, to call a number of. That means the OpenPGP.js library encrypts tens of millions of customers’ messages.
The OpenPGP customary, first revealed within the Nineties, like virtually something, requires upkeep and updating for each safety and value. A “crypto refresh” of the usual is in the works, which provides fashionable encryption algorithms and deprecates outdated ones. To enhance usability, varied e mail functions now permit customers to seamlessly encrypt their communication—with out managing their keys or these of their contacts.
First launched in 2014, OpenPGP.js started based mostly on an early prototype known as GPG4Browsers, which is predicated on a number of scripts by Herbert Hanewinkel (amongst different contributors). The second model of OpenPGP.js, launched in 2016, was utterly reworked to make use of Uint8Arrays as a substitute of strings (which considerably elevated its efficiency) and fashionable ES6 modules slightly than CommonJS modules internally. Versions 3 and 4, each launched in 2018, added assist for Elliptic-curve cryptography (ECC) and streaming, respectively.
My staff and I proceed engaged on OpenPGP.js to make sure its evolution as an easy-to-use library for sturdy encryption.
1. Elliptic-curve cryptography by default
In OpenPGP.js model 4, RSA was used when producing new keys by default. Although ECC is quicker and safer, Curve25519 had not been standardized within the OpenPGP specification but. The crypto refresh draft does embrace Curve25519, and it’s anticipated to be included “as is” within the subsequent model of the OpenPGP specification, so OpenPGP.js model 5 now generates keys utilizing ECC by default.
2. Import solely the modules you want
Similarly, whereas OpenPGP.js used ES6 modules internally for years, model 4 nonetheless did not publish a correct ES6 module. Instead, it revealed solely a Univeral Module Definition (UMD) module that might run each within the browser and on Node.js. In model 5, this adjustments by publishing separate modules for the browser and Node.js (each ES6 and non-ES6), making it simpler for library customers to import OpenPGP.js on all platforms and (when utilizing the ES6 module) solely import the elements they want. This is enabled largely by switching the construct system to rollup.
3. Reject weak cryptography
There are additionally many different safety enhancements. For instance, 1024-bit RSA keys, ElGamal, and DSA keys are thought-about insecure and are rejected by default. Additionally, the place model 4 already defaulted to AES-encryption, model 5 now refuses to encrypt utilizing weaker algorithms solely by default, even when the general public key claims to solely assist a weaker algorithm. It as a substitute assumes that every one OpenPGP implementations assist AES (which has been the case for a really very long time).
What’s subsequent for OpenPGP.js
Looking forward, there are some safety enhancements to make. Key fingerprints, used to determine public keys, nonetheless use SHA-1, although a repair for that is deliberate within the crypto refresh. In the meantime, it is strongly recommended to make use of totally different means to determine the authenticity of any public key used for encryption, similar to by fetching all the key instantly from the recipient’s area utilizing the proposed Web Key Directory (WKD) customary—already applied by varied email providers. WKD assist was constructed into OpenPGP.js model 4 however is a separate module in model 5 to maintain the primary library lean.
Similarly, when encrypting messages or information with a password slightly than a public key (unusual when utilizing OpenPGP for e mail encryption, however extra so when used for encrypted backups, for instance), the password is transformed to a symmetric key utilizing a comparatively weak key derivation operate (KDF). It is thus advisable for functions to cross the person’s password by a powerful KDF, similar to Argon2 or scrypt, earlier than passing it to OpenPGP.js. Hopefully, the crypto refresh will embrace one in every of these algorithms to implement in a future model of OpenPGP.js.
How to make use of OpenPGP.js model 5
For now, although, OpenPGP.js model 5 has been published to the npm bundle registry. If you want, be at liberty to attempt it out! Feedback is welcome within the discussions tab on GitHub. Please notice, nevertheless, that whereas OpenPGP.js is a general-purpose encryption library, its main use case is in conditions the place compatibility with the OpenPGP specification is required (for instance, when sending or receiving PGP-encrypted e mail). For different use circumstances, a unique library could also be a extra applicable or performant alternative. In common, in fact, watch out when rolling any crypto.
Thanks for studying, and here is to securing the way forward for e mail!
