ABSTRACT
This chapter studies the problem of securely deploying cryptography within web applications. It overviews the most significant security issues in cryptographic web applications and review the solutions proposed in the literature. The chapter focuses particular on principled techniques amenable to formal verification, given the strong security requirements of applications like encrypted web storage and the complexity of the web platform. It covers both traditional network attackers in the Dolev-Yao style and web attackers, abusing web technologies like HTML and JavaScript. The chapter distinguishes between attacks performed in the symbolic model and attacks performed in the computational model of cryptography. Attacks against cryptography normally leverage side-channels or other weaknesses of the encryption/decryption process to leak information about the plaintext or the cryptographic key used to protect it. Given the focus on cryptographic web applications, the chapter refines the standard threat model by further categorizing attackers based on the model of cryptography, as done in the literature on protocol verification.
