0

I'm wondering if theres already a combo let say jQuery - Some C# DLL to proive a secure both way communication between ASPX forms with jQuery and a control layer based on ashx files with C# classes...

[From comment below]
Well I see I have to be more specific. The are things like sniffers on simple network analysis tools even like Firebug that let you see the data transfered via POST or GET. The idea to secure a Server Client application is to ensure that data isn't corrupt and compromised, and to achive that you have to make imposible to an atacker to report false info so the best is to have improved some cryptographyc algorithms both on client and server to crypt decrypt encode decode data...

Improve this question
4
  • This has nothing to do with jQuery. Commented Jun 1, 2010 at 17:09
  • Well I see I have to be more specific. The are things like sniffers on simple network analysis tools even like Firebug that let you see the data transfered via POST or GET. The idea to secure a Server Client application is to ensure that data isn't corrupt and compromised, and to achive that you have to make imposible to an atacker to report false info so the best is to have improved some cryptographyc algorithms both on client and server to crypt decrypt encode decode data... Commented Jun 1, 2010 at 17:23
  • 2
    it sounds like you just need SSL. The comment by James Deville in this thread seems like good advice! Commented Jun 1, 2010 at 17:31
  • You just need to use SSL. Commented Oct 11, 2013 at 21:48

2 Answers 2

Reset to default
4

The only way you can ever make web communication secure between a client and a server is by using SSL.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Wrong. Also, SSL might not help.
I'm looking for a combo of classes - scripts in both sides jQuery C# like AES support for jQuery and C# or Base64 or a custom algorithm but with support in jQuery (Client Side) and ASPX C# (Server Side)
If he's trying to protect against end-users, SSL won't help at all.
Perhaps I'm totally wrong, but just encrypting messages to go back and forth is still vulnerable to MITM attacks. Digital signing would be needed in order to prevent this - and then you might as well just use SSL?
0

Here is a Javascript AES engine.

However, you really should use SSL instead.

Improve this answer

2 Comments

Wouldn't that be moot, as the client AND server would need the key to enc/dec the data. And thus the key would have to be transmitted to the client.
I'm just giving him what he asked for. You're right that it's probably a bad idea. However, if the key is a salted hash of a password entered on the client, it could be reasonably secure

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.