DEV Community

Cover image for Basic End To End Encryption With Crypto
lambert-naaman
lambert-naaman

Posted on

Basic End To End Encryption With Crypto

Introduction

Hello everyone, today we’ll look at encryption and its sibling, decryption using JavaScript.
Before we dive in, lets understand how end to end systems work in general. For this consider the diagram below:

Image description

So user A wants to send some classified information to user B over the Net, but due to trust issues user A decides to encode this information in a format only user B can decode.
Here in our diagram user A and user B agree on what algorithm they will use, then they generate a public/private key-pair and publish their public keys on the internet (server ). This way both user A and B get to keep their private keys private in order to make this system valid.
To encode some information, user A takes user B’s public key from the server and scrambles the original information with this public key then sends the scrambled junk to user B over the internet.
this scrambled data could be passing through an insecure, public network infrastructure within the reach of hackers, but because of this encoding its content become resistant to tampering. Once this scrambled data gets to user B’s end, it is decoded with user B’s private key. All subsequent communications between user A and B follow these procedures. conclusively we can admit that the goal of end to end encryption is to secure communication by ensuring that only the intended recipient can access the message.

Implementing End-To-End Encryption In Node.js

In this tutorial we will use the built-in crypto module within Node.js, which has quit a number of cryptographic functions for developers.
So our first step would be to generate a pair of public/private keys which will be used to encrypt and decrypt the data.

To generate the keys, we will use the generateKeyPairSync() method, which generates a pair of keys using the RSA algorithm. Here's an example code:

const crypto = require('crypto');

const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
  modulusLength: 4096,
  publicKeyEncoding: {
    type: 'spki',
    format: 'pem'
  },
  privateKeyEncoding: {
    type: 'pkcs8',
    format: 'pem'
  }
});

console.log('Public Key:\n', publicKey);
console.log('Private Key:\n', privateKey);`

Enter fullscreen mode Exit fullscreen mode

Here we used the generateKeyPairSync() method to generate a pair of keys using the RSA algorithm with a modulus length of 4096 bits.
We then use the publicKeyEncoding and privateKeyEncoding options to specify the format of the keys. We also applied the PEM format, which is quit popular for storing keys.

Encrypting And Decrypting Our Data

After generating our keys, we want to use them to encrypt and decrypt some data, so lets assume our data is the string “ Naaman Lambert is for Jesus”, lets encrypt and decrypt that data.

const crypto = require('crypto');

const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
  modulusLength: 4096,
  publicKeyEncoding: {
    type: 'spki',
    format: 'pem'
  },
  privateKeyEncoding: {
    type: 'pkcs8',
    format: 'pem'
  }
});

const message = “ Naaman Lambert is for Jesus”;
console.log('Original Message:\n', message);

const encryptedMessage = crypto.publicEncrypt(publicKey, Buffer.from(message));
console.log('Encrypted Message:\n', encryptedMessage.toString('base64'));

const decryptedMessage = crypto.privateDecrypt(privateKey, encryptedMessage);
console.log('Decrypted Message:\n', decryptedMessage.toString());`
Enter fullscreen mode Exit fullscreen mode

Observe something in the crypto.publicEncrypt function, the second parameter is ‘buffer.from(message)’ which creates a new instance of a buffer object and loads it with the binary data of the provided message parameter.
So once you’ve hit that run button you should get an output similar to this:

In the above example, we generated the key pairs first, then we define some hard coded message which we wish to encrypt. Then we apply the publicEncrypt() method to encrypt this message using the public key, afterward we print the encrypted message to the console.

For decryption we use the privateDecrypt() method to decrypt the message, using the generated private key and the encrypted message as parameters.

Top comments (0)