Remote (externally-managed) Crypto Keys

[marcoscaceres]

Introduction

This proposal advocates for the development of a web standard for externally-managed cryptographic keys, specifically designed to facilitate end-to-end encryption in web applications. For example, consider a web mail service using the following JavaScript to encrypt an email securely:

const keyParams = {
  name: "remote",
  userIdentifier: "alice@example.com"
};
const keyUsages = ["encrypt", "decrypt", "sign", "verify"];
const keyHandle = await window.crypto.subtle.getRemoteKey(keyParams, keyUsages);

const message = new TextEncoder().encode("Secure message content");
const encryptedMessage = await window.crypto.subtle.encrypt(
  { name: "AES-GCM", iv: new Uint8Array(12) },
  keyHandle,
  message
);

This example illustrates the use of getRemoteKey() to retrieve a cryptographic key handle, enabling secure operations while maintaining key privacy and security.

We envision this being an extension to Web Crypto.

Feedback

We welcome feedback and discussion related to this proposal. While this thread can be used for general discussion, please file specific issues against the explainer. For more detailed background, see the full Remote Cryptographic Keys Explainer.

[dadrian]

I think there's a lot of open questions and things to work out / change, however:

1. The idea of out-of-process and optionally hardware backed keys that are origin bound and partioned seems to have a lot of promise.
2. If we can figure out consent and prevent phishing, some sort of way to "import" or access credentials stored on a 3P app (password manager, smart card, ...?) seems like it would have obvious use cases. However, there are a lot of open questions in this space. Some user flows may also be credential-type specific.

Therefore, I'd be happy to see this move to WICG to continue the conversation.