At Complyify, our business is cyber risk management. At the heart of managing risk to digital information is ensuring that sensitive information is securely stored, transmitted, and only accessible by those with explicit permission. 

When dealing with webapps, most people assume that TLS is a sufficient mechanism by which to protect a user’s data. TLS, being a point-to-point transmission encryption protocol, is great at protecting data in flight between a browser and web server, but ceases to protect data as soon as it reaches the other side. A more comprehensive solution, especially when using a microservices architecture where data may be routed through many services before being processed, is to encrypt the data prior to transmission and leave it encrypted throughout its life cycle. This strategy, implemented correctly, can protect information not just in the first leg of its transmission, but also while it is stored on disk, in memory, and on subsequent network transmissions. 

Asymmetric encryption is rarely used to encrypt data directly – it can be slow and has some other weaknesses. Rather we use performant symmetric encryption algorithms, like the ubiquitous AES. This means that we somehow need to have the same encryption key available to the user and in the critical areas of the server-side application need to interact with the unencrypted data. You must take care not to transmit this shared encryption key over the wire, or worse, embed in the application. Either of which would expose the key to interception by a malicious actor. 

The solution is a Diffie-Hellman key exchange which uses the magic of maths so two parties can simultaneously derive an encryption key without ever having transmitted a single byte of sensitive information between them. We use the elliptic curve DH implementation as we like to keep our application responsive and RSA encryption can get computationally expensive at sufficient key length. 

Deriving a key using ECDH can be done in most browsers using SubtleCrypto. It’s a great interface provided by the browser’s runtime and preferable over pure Javascript implementations for performance and trust. 

Deriving a key for AES-256 encryption using SubtleCrypto 

const sharedKey = window.crypto.subtle.deriveKey(
{ name: 'ECDH', namedCurve: 'P-256', public: ecdhPublicKey },
{ name: 'AES-CBC', length: 256 }, false,
['encrypt', 'decrypt'])

From the perspective of a web-app developer, ecdhPublicKey is the public key for your organization and ecdhPrivateKey would be the private key associated with your user. Critical for the success of a DH key-exchange, the user’s private key should be generated and, if necessary, stored on the user’s environment – never transmitted, never seen by the developer or the organization’s servers. 

With this ECDH/AES model we have high confidentiality afforded to asymmetric encryption with the scalability of symmetric encryption. Should data transmitted or stored fall into the hands of a malicious third party, they’d be unable to decrypt it without also having access to one of the private keys (hence the need to keep keys segregated from data wherever possible and always segregated while stored). 

Similarly, you can leverage ECDH on your server just for the component of your application that needs to interact with the data in an brief unencrypted state. NodeJS doesn’t provide the SubtleCrypto interface of a browser, but it does have comparable built-in crypto support via OpenSSL. 

Deriving a key on NodeJS 

const crypto = require('crypto')
const ecdh = crypto.createECDH('secp256k1')
const sharedKey = ecdh.computeSecret(userPublicKey)

Diffie-Hellman is a powerful technique to enable secure communication between two parties in an efficient manner. It allows you to generate an encryption key that is never transmitted so there is no possibility that someone could intercept it. Combined with proper key management and cryptographic practices it can facilitate performant encryption of data in your application starting from the moment the data was created.


The easiest way to measure and manage cybersecurity risk and compliance.