Web·Armor
®
Additional Layer of Encryption on the Internet
Double Layer of Information Security Over HTTPS
Web•Armor® is an innovative JavaScript library developed by Cyte® that enables the implementation of cryptographic operations on both the client and the server side.
This versatile tool can be used in mobile applications, web browsers (frontend), and servers (backend), ensuring secure transmission of information across various devices and platforms.
The library provides developer-friendly methods for web and mobile applications, supporting the integration of encryption algorithms, authentication, hashing, random number generation, and more.
Its primary goal is to deliver defense-in-depth by applying multiple layers of cryptographic protection beyond standard measures like TLS.
Web•Armor® implements a cross-platform server that can operate either in the cloud or on-premises, and is compatible with any operating system. On the frontend of web or mobile applications, the client-side library is deployed. Together, the server and client securely compute keys using ECC (Elliptic Curve Cryptography) and ZKP (Zero-Knowledge Proofs), enabling the encryption of sensitive data in transit.
This creates an additional layer of security with advanced cryptographic algorithms, helping to prevent attacks in the event of TLS/SSL vulnerabilities or unauthorized access to stored data.
This solution is specifically designed for large organizations, such as banks, that need to secure their web and mobile applications but lack the time or in-house expertise to properly implement the necessary cryptographic primitives. Web•Armor® simplifies this process by offering a wide range of algorithms and easy-to-use implementation methods.
Cryptographic Primitives Implemented in Web•Armor®
Encryption and Authentication Algorithms
Web•Armor® provides both symmetric and asymmetric algorithms to ensure data confidentiality and authentication. Symmetric algorithms like AES are ideal for encrypting data at rest or in transit. Asymmetric elliptic curve algorithms such as ECDSA, ECC-ElGamal, and ECIES enable efficient authentication and data integrity verification, adapting to a wide range of use cases.
Message Integrity and Key Derivation
Message integrity is enforced through HMAC (Hash-based Message Authentication Codes). Web•Armor® also supports HKDF (HMAC-based Key Derivation Function) to generate unique, secure cryptographic keys—preventing key reuse and improving multi-key management.
Hash and Key Generation
The library includes functions for generating cryptographic hashes using SHA-256 and SHA-512, essential for encryption, signing, and authentication processes. It also supports HOTP and TOTP protocols for generating one-time passwords (OTP), commonly used as a second factor in authentication, enhancing access security for critical applications.
Pseudorandomness and Cryptographic Security
Web•Armor® ensures the correct implementation of cryptographic algorithms by providing methods to generate secure pseudorandom values (PRNGs). These are critical for robust cryptographic operations and secure key generation, maintaining the integrity and strength of cryptographic processes.
Zero-Knowledge Algorithms
Web•Armor® includes implementations of Zero-Knowledge Proof (ZKP) algorithms, allowing information to be verified without revealing the original data. This feature is critical for protecting privacy and ensuring the authenticity of transactions without compromising information security.