Web Cryptography API

The Web Cryptography API provides basic cryptographic operations to web applications, such as hashing, signature generation and verification, and encryption and decryption. It enables a number of important security scenarios for web apps, ranging from robust user/service authentication and document and code signing to confidentiality and integrity of communications, all without requiring a secure connection (through SSL or a similar protocol). The API complements transport security rather than replacing it, however: script delivered over an insecure connection can itself be modified in transit before it ever calls the API, and later browsers expose the Promise-based crypto.subtle only in secure (HTTPS) contexts.

Web Cryptography in Microsoft Edge

Since its initial implementation in Internet Explorer 11, the World Wide Web Consortium (W3C) specification has changed from an event-driven model to a new model based on JavaScript Promises. The Microsoft Edge implementation of the Web Cryptography API has been updated to the Last Call Working Draft version of the specification. These updates include support for the non-prefixed, JavaScript Promise-based version of the API (window.crypto.subtle). The previous (IE11) implementation, which uses the KeyOperation and CryptoOperation interfaces and signals completion through events rather than Promises, is still supported in the IE11 document mode behind the ms prefix (window.msCrypto).

For more info, see Web Cryptography updates.

The following cryptographic algorithms are supported in IE11 and later:

In IE11 and later, Web Cryptography key objects can be stored in IndexedDB, and keys stored this way are bound to a specific user and device: they cannot be used by a different user or moved to a different computer. A script simply puts the key object into an object store; the browser encrypts every Web Cryptography key with a browser-specific key before writing it to IndexedDB, as follows:

  1. A key-wrapping key is derived from the browser-specific key using a randomly generated salt (see SP 800-108).
  2. The key-wrapping key is used to encrypt the Web Cryptographic key using AES Key Wrap and AES-GCM.
  3. The result of the prior operation is stored on disk in the IndexedDB store.

The browser-specific key is randomly generated the first time a key is stored in IndexedDB. Clearing the browser's cache deletes this browser-specific key from the system, permanently preventing any previously stored keys in IndexedDB from being accessed; an application should therefore treat a stored key as something that can disappear and be ready to generate and re-enroll a replacement. The next time a key is stored in IndexedDB, a new browser-specific key is generated and the above process is repeated. The browser-specific key itself is stored on disk and is protected by DPAPI and, optionally, by mechanisms such as BitLocker Drive Encryption, so the binding of stored keys to a user and device is only as strong as the protection of that key: a principal who can read the user's DPAPI-protected data can also unwrap the stored keys.

API Reference

Web Cryptography

Specification

Web Cryptography API