Here's a demonstration page that uses slowAES.
slowAES was easy to use. Logically designed. Reasonable OO packaging. Supports knobs and levers like IV and Encryption mode. Good compatibility with .NET/C#. The name is tongue-in-cheek; it's called "slow AES" because it's not implemented in C++. But in my tests it was not impractically slow.
It lacks an ECB mode. Also lacks a CTR mode, although you could build one pretty easily given an ECB mode, I guess.
Anandam's PBKDF2 was not quite on that level. It supported only a single call to DeriveBytes function, so if you need to derive both a key and an IV from a password, this library won't work, unchanged. Some slight modification, and it is working just fine for that purpose.
EDIT: I put together an example of packaging SlowAES and a modified version of Anandam's PBKDF2 into Windows Script Components. Using this AES with a password-derived key shows good interop with the .NET RijndaelManaged class.
In my searches for AES encryption i found this from some Standford students. Claims to be fastest out there. Supports CCM, OCB, GCM and Block encryption. http://crypto.stanford.edu/sjcl/
You may want to look at their Quick-start Guide which is also the reference for the following node.js port.
Eventually I managed to cobble together something that suited my needs after a lot of trial and error.
Anyhow I knocked up an example of a js/webapp talking to a google app engine hosted python server that uses AES and public key and private key RSA stuff.
I though I'd include it here by link in case it will be of some use to others who need to accomplish the same thing.
and see demo at rsa-aes-demo DOT appspot DOT com
edit: look at the browser console output and also view source to get some hints and useful messages as to what's going on in the demo
edit: updated very old and defunct link to source to now point to
From the readme:
Chrome/31.0 SHA256: 51 MiB/s (9 times faster than SJCL and CryptoJS) AES-CBC: 47 MiB/s (13 times faster than CryptoJS and 20 times faster than SJCL) Firefox/26.0 SHA256: 144 MiB/s (5 times faster than CryptoJS and 20 times faster than SJCL) AES-CBC: 81 MiB/s (3 times faster than CryptoJS and 8 times faster than SJCL)
Edit: The Web Cryptography API is now implemented in most browsers and should be used as the primary solution if you care about performance. Be aware that IE11 implemented an earlier draft version of the standard which did not use promises.
Some examples can be found here:
Try asmcrypto.js — it's really fast.
PS: I'm an author and I can answer your questions if any. Also I'd be glad to get some feedback :)
If you are looking for SSL for google app engine on a custom domain, take a look at wwwizer.com.
Here is the only solution that worked for me:
It's pretty basic, but simple to use and seems to work well.