Data Scrambling - macmcmeans/localDataStorage GitHub Wiki

Since the data held in localStorage is always viewable, you may opt to obscure key values using lightweight data scrambling. This is not encryption, merely obfuscation, and is easily implemented using a global scramble key. Alternatively, for stronger protection, you may set a user scramble key on a per-key basis when placing sensitive data into storage.

While not technically encrypted, scrambled data is still quite robust, and is designed to be secure against guessing and arbitrary reconstruction. As such, there is no way to retrieve the original value from a key that's been scrambled in the event the scramble key is lost or forgotten. Likewise, it is impossible to get the original value from a key that's been scrambled and subsequently renamed.

Obfuscated data is created via an internal combination of XOR and shuffling operations. The difference between plain and obfuscated data is shown below.

EXAMPLES:

Setting the key normally ● localData.set( 'safeKey2', 99.97 ) 👉 Inspecting safeKey2 shows that the key value is stored as 99.97.

Setting the key using the global scramble key (internal default is 123456789n) ● localData.safeset( 'safeKey2', 99.97 ) 👉 Inspecting safeKey2 shows that 99.97 is stored as vBk\x8E©pt~Îōز.

Setting the key with an explicit user scramble key ● localData.safeset( 'safeKey2', 99.97, 'secret-user-key' ) 👉 Inspecting safeKey2 shows that 99.97 is stored as ૒͑<ұ߈ுܥ»ϡ˄΢आक़࡯\x05.
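To make the XOR-and-shuffle idea and the lost-key and renamed-key behaviour described above concrete, here is an added sketch; it is not localDataStorage's internal algorithm or code from the project. The function names (seedFrom, prng, permutation, scramble, unscramble) are hypothetical, values are handled as strings, and mixing the key name into the seed is an assumption chosen to reproduce the rename behaviour.

```javascript
// Illustrative XOR + shuffle obfuscation. NOT localDataStorage's internal algorithm.

// FNV-1a style hash: mixes the scramble key and the storage key name into a 32-bit seed.
function seedFrom(scrambleKey, keyName) {
  let h = 0x811c9dc5;
  for (const ch of scrambleKey + '\u0000' + keyName) {
    h = Math.imul(h ^ ch.codePointAt(0), 0x01000193) >>> 0;
  }
  return h;
}

// mulberry32-style generator: deterministic, NOT cryptographically secure.
function prng(seed) {
  let a = seed >>> 0;
  return () => {
    a = (a + 0x6d2b79f5) >>> 0;
    let t = Math.imul(a ^ (a >>> 15), a | 1);
    t ^= t + Math.imul(t ^ (t >>> 7), t | 61);
    return (t ^ (t >>> 14)) >>> 0;
  };
}

// Keyed Fisher-Yates shuffle of the positions 0..n-1.
function permutation(n, next) {
  const p = Array.from({ length: n }, (_, i) => i);
  for (let i = n - 1; i > 0; i--) {
    const j = next() % (i + 1);
    [p[i], p[j]] = [p[j], p[i]];
  }
  return p;
}

// Scramble: XOR each UTF-16 code unit with a keystream byte, then move it to a shuffled slot.
function scramble(keyName, value, scrambleKey) {
  const next = prng(seedFrom(scrambleKey, keyName));
  const codes = String(value).split('').map((c) => c.charCodeAt(0));
  const p = permutation(codes.length, next);
  const out = new Array(codes.length);
  codes.forEach((c, i) => { out[p[i]] = c ^ (next() & 0xff); });
  return String.fromCharCode(...out);
}

// Unscramble: rebuild the same permutation and keystream, then undo both steps.
function unscramble(keyName, stored, scrambleKey) {
  const next = prng(seedFrom(scrambleKey, keyName));
  const codes = stored.split('').map((c) => c.charCodeAt(0));
  const p = permutation(codes.length, next);
  return String.fromCharCode(...codes.map((_, i) => codes[p[i]] ^ (next() & 0xff)));
}

// Constructed sample, reusing the key name and value from the examples above.
const stored = scramble('safeKey2', '99.97', 'secret-user-key');
console.log(unscramble('safeKey2', stored, 'secret-user-key'));   // original value
console.log(unscramble('safeKey2', stored, 'other-key'));         // unreadable: wrong scramble key
console.log(unscramble('renamedKey', stored, 'secret-user-key')); // unreadable: key was renamed
```

In this sketch a wrong scramble key or key name produces unreadable output rather than an error, because nothing in the stored value authenticates it.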

📝 NOTE: The Health Insurance Portability and Accountability Act of 1996 (HIPAA) creates strict rules about how to store Protected Health Information (PHI). Section (a)(2)(iv) of 45 CFR 164.312 states that PHI (data at rest) must be encrypted. Since data scrambling is not encryption, do not use it to store PHI.