The HTTPS protocol has enforced a higher level of robustness to several attacks; however, it is not easy to set up the required certificates on intranets, nor is it effective in the case the server confidentiality is not reliable, as in the case of cloud services, or it could be compromised. A simple method is proposed to encrypt the data on the client side, using Web Assembly. It never transfers data to the server as clear text. Searching fields in the server is made possible by an encoding scheme that ensures a stable prefix correspondence between ciphertext and plaintext. The method has been developed for a semantic medical database, and allows accessing personal data using an additional password while maintaining non-sensitive information in clear form. Web Assembly has been chosen to guarantee the fast and efficient execution of encrypting/decrypting operations and because of its characteristic of producing modules that are very robust against reverse engineering. The code is available at https://github.com/mfalda/client-encdec.

翻译：HTTPS协议为多种攻击提供了更高层次的防护能力；然而，在内网环境中配置所需证书并非易事，且在服务器机密性不可靠的情况下（如云服务场景，或服务器可能被攻破时），该协议也难以奏效。本文提出一种使用Web Assembly在客户端加密数据的简单方法，该方法从不在服务器端传输明文数据。通过一种确保密文与明文之间保持稳定前缀对应的编码方案，可在服务器端实现字段搜索功能。该方法已开发应用于语义医学数据库，允许使用额外密码访问个人数据，同时保留非敏感信息的明文形式。选择Web Assembly的原因在于其能保证加解密操作快速高效执行，且其生成的模块具有极强的逆向工程抗性。源代码可访问https://github.com/mfalda/client-encdec获取。