Skip to content

Commit

Permalink
README tweak
Browse files Browse the repository at this point in the history
  • Loading branch information
aaronshaf committed Nov 15, 2024
1 parent 3c24204 commit e6c0a63
Showing 1 changed file with 1 addition and 4 deletions.
5 changes: 1 addition & 4 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,7 @@ interface AsyncStorage {

## Why encrypt data in IndexedDB?

> "While the browser can delete IndexedDB files stored on the local filesystem, they can be retrieved by Encase. Unfortunately, the retrieved data is in an unencrypted format, and given the nature of the data held within the IndexedDB API, a potential security issue exists."
> — Stefan Kimak, Jeremy Ellman, Christopher Laing, ["Some Potential Issues with the Security of HTML5 IndexedDB"](https://www.researchgate.net/publication/281066023_Some_Potential_Issues_with_the_Security_of_HTML5_IndexedDB), IET Systems Safety and Cybersecurity Conference 2014.
It is also an issue in the scenario of multiple people sharing the same device and browser.
Encryption keeps data in IndexedDB private, even when a browser profile is shared on the same device. Only those with access to the `cache_key` can decrypt the data.

## Installation

Expand Down

0 comments on commit e6c0a63

Please sign in to comment.