A secure web application for file encryption and decryption using AES-256-GCM and RSA encryption algorithms (2048-4096 bit).
CipherDrop is a Go-based web application that provides secure file encryption and decryption services with comprehensive security features. It supports both symmetric (AES) and asymmetric (RSA) encryption, allowing users to:
- Encrypt files using AES-256-GCM with generated or custom keys
- Encrypt files using RSA (2048/3072/4096-bit) with public key cryptography
- Decrypt AES and RSA encrypted files
- Generate RSA key pairs with configurable key sizes
- Manage a public key directory for easy recipient selection
Security First: All encryption and decryption operations are performed in-memory. No files are stored on the server, ensuring maximum privacy. Phase 5 implementation includes defense against brute force attacks, session hijacking, CSRF, DoS, path traversal, and comprehensive security logging.
- AES-256-GCM Encryption: Symmetric encryption with authenticated encryption mode
- RSA Encryption (2048/3072/4096-bit): Asymmetric encryption with OAEP padding
- Key Generation: Generate secure RSA key pairs with configurable sizes
- Public Key Directory: Store and share public keys with other users
- Instant Downloads: Encrypted/decrypted files and keys download immediately
- No Server Storage: Files processed in-memory only
- Account Lockout: Brute force prevention (5 failed attempts → 30-min lockout)
- Rate Limiting: DoS prevention with operation-specific limits
- Session Management: Secure sessions with 1hr inactivity/12hr absolute timeout
- CSRF Protection: Double-submit cookie pattern for all state-changing operations
- Input Validation: Comprehensive filename, password, and data validation
- Encrypted Storage: AES-256-GCM encrypted user data (users.json)
- Security Logging: JSON-formatted audit logs for all security events
- Strong Authentication: bcrypt password hashing (cost 12) with complexity requirements
- TLS 1.3: HTTPS-only with secure certificates
- Responsive UI: Clean, modern interface that works on all devices
- Go 1.24 or higher
- Git
- Clone the repository
git clone https://code.umd.edu/srihari/enpm680fall25project-srihari.git
cd enpm680fall25project-srihari- Install dependencies
go mod download- Configure environment variables
Create a secrets.env file in the project root:
SESSION_SECRET=your-secure-random-session-secret-here-min-32-chars
USER_DATA_ENCRYPTION_KEY=your-secure-32-byte-base64-key-hereGenerate secure keys:
# Generate SESSION_SECRET (random 32+ characters)
-join ((65..90) + (97..122) + (48..57) | Get-Random -Count 64 | ForEach-Object {[char]$_})
# Generate USER_DATA_ENCRYPTION_KEY (32 bytes, base64-encoded)
[Convert]::ToBase64String((1..32 | ForEach-Object { Get-Random -Maximum 256 }))- Generate TLS certificates (for HTTPS)
go run cmd/generate_cert.goThis creates cert.pem and key.pem in the project root.
- Build the application
go build -o cipherdrop.exe .\cmd\server\main.go.\cipherdrop.exeThe server will start on https://localhost:8443 by default with TLS 1.3 enabled.
First-time browser access: You'll see a certificate warning because we use a self-signed certificate. Click "Advanced" → "Proceed to localhost (unsafe)" - this is safe for local development.
- Open your browser and navigate to
https://localhost:8443 - Accept the self-signed certificate warning (development only)
- Click on "Register" to create a new account
- Username: 3-50 characters, alphanumeric + underscores
- Password: 12+ characters with uppercase, lowercase, digit, and special character
- Log in with your credentials
- You're ready to start encrypting files!
- Go to Dashboard → Encrypt with AES
- Select a file (max 10 MB)
- Choose to generate a new key or use an existing one
- Click Encrypt File
- Download the encrypted file and save the AES key
Rate Limit: 20 encryptions per hour, 30 decryptions per hour
- Generate keys: Dashboard → Generate RSA Keys
- Choose key size: 2048, 3072, or 4096 bits
- Download and save your private key securely
- Public key is automatically uploaded to the directory
- Go to Dashboard → Encrypt with RSA
- Select a file and choose a recipient from the dropdown
- Download the encrypted file
Rate Limit: 5 key generations per day
- Go to Dashboard → Decrypt File
- Select encryption type (AES or RSA)
- Upload the encrypted file
- Provide the key/nonce (AES) or private key (RSA)
- Download the decrypted file
cipherdrop/
├── cmd/
│ ├── server/
│ │ └── main.go # Application entry point
│ └── generate_cert.go # TLS certificate generator
├── internal/
│ ├── handlers/ # HTTP handlers
│ │ ├── auth.go # Authentication
│ │ ├── aes.go # AES encryption/decryption
│ │ ├── rsa.go # RSA encryption/decryption
│ │ ├── keys.go # Public key directory
│ │ └── decrypt.go # Decryption handler
│ ├── middleware/ # HTTP middleware
│ │ ├── session.go # Session management
│ │ ├── csrf.go # CSRF protection
│ │ ├── ratelimit.go # Rate limiting
│ │ └── logging.go # Request logging
│ ├── models/ # Data models
│ │ └── user.go # User model
│ ├── services/ # Business logic
│ │ ├── auth/ # Authentication service
│ │ └── crypto/ # Cryptography services
│ │ ├── aes.go # AES operations
│ │ └── rsa.go # RSA operations
│ ├── storage/ # Data persistence
│ │ ├── users.go # User storage (encrypted)
│ │ ├── keys.go # Key storage
│ │ └── encrypted_store.go # Encrypted storage wrapper
│ ├── validation/ # Input validation
│ │ ├── filename.go # Filename validation
│ │ ├── password.go # Password validation
│ │ └── username.go # Username validation
│ └── logging/ # Security logging
│ ├── security_logger.go # JSON security logger
│ └── security_logger_test.go
├── templates/ # HTML templates
├── static/
│ ├── css/ # Stylesheets
│ └── js/ # JavaScript files
├── data/ # User data (encrypted at runtime)
├── logs/ # Security logs
│ └── security.log # JSON security audit log
├── cert.pem # TLS certificate (generated)
├── key.pem # TLS private key (generated)
├── secrets.env # Environment variables (not in git)
├── go.mod # Go module definition
└── README.md # This file
POST /auth/register- Register new userPOST /auth/login- LoginGET /auth/logout- Logout
POST /api/encrypt/aes- Encrypt file with AESPOST /api/decrypt/aes- Decrypt AES filePOST /api/encrypt/rsa- Encrypt file with RSAPOST /api/decrypt/rsa- Decrypt RSA file
POST /api/keys/rsa/generate- Generate RSA key pairGET /api/keys/public- Get all public keysPOST /api/keys/upload- Upload public key
- AES-256-GCM: Authenticated encryption with 256-bit keys
- RSA (2048/3072/4096-bit): Asymmetric encryption with OAEP-SHA256 padding
- bcrypt: Password hashing with cost factor 12
- TLS 1.3: HTTPS-only communication with RSA-4096 certificates
- In-Memory Processing: No file persistence on server
- Account Lockout: 5 failed login attempts → 30-minute lockout
- Session Management: 1-hour inactivity timeout, 12-hour absolute timeout
- Session Security: 128-bit random session IDs, secure cookies (HttpOnly, SameSite=Strict)
- Password Requirements: 12+ characters, complexity enforcement, common password blacklist
- Maximum Concurrent Sessions: 3 per user
- CSRF Protection (NFR-004): Double-submit cookie pattern on all state-changing operations
- Rate Limiting (NFR-006, MC-004): Token bucket algorithm with operation-specific limits
- Login: 5/15min, Register: 3/hr, AES Encrypt: 20/hr, Decrypt: 30/hr, RSA Keygen: 5/day
- Input Validation (NFR-003, MC-003): Path traversal prevention, filename sanitization
- DoS Prevention: Global rate limit of 100 requests/minute per IP
- Encrypted Storage (NFR-007): AES-256-GCM encryption for users.json
- Secure Key Management: Environment-based encryption keys
- No Plain-text Secrets: All sensitive data encrypted at rest
- Security Logging (NFR-005, MC-005): JSON-formatted audit logs for all security events
- Event Categories: Authentication, encryption operations, security events, system errors
- Log Location:
logs/security.log - Error Handling: Generic error messages to prevent information leakage
- Algorithm: AES-256-GCM (Galois/Counter Mode)
- Key Size: 256 bits (32 bytes)
- Nonce Size: 96 bits (12 bytes)
- Authentication: GMAC (Galois Message Authentication Code)
- Encoding: Base64 for keys and nonces
- Random Generation: crypto/rand for secure randomness
- Algorithm: RSA-OAEP with SHA-256
- Key Sizes: 2048, 3072, or 4096 bits (user-selectable)
- Padding: OAEP (Optimal Asymmetric Encryption Padding) with SHA-256
- Key Format: PEM (PKCS#8 for private keys, SubjectPublicKeyInfo for public keys)
- Random Generation: crypto/rand for secure key generation
- Protocol: TLS 1.3 only (TLS 1.0, 1.1, 1.2 disabled)
- Certificate: RSA-4096 self-signed (development)
- Cipher Suites: TLS 1.3 default secure suites
- Save Your Keys: Keys are not recoverable once lost. Always save encryption keys securely.
- Private Key Security: Never share your RSA private key with anyone.
- File Size Limit: Maximum file size is 10 MB (NFR-003).
- Environment Variables: Keep
secrets.envsecure and never commit to version control. - TLS Certificates: Use CA-signed certificates in production (not self-signed).
- Rate Limits: Be aware of operation limits to avoid temporary lockouts.
- Single Tab Usage: Login and operate from one browser tab at a time to avoid CSRF/session issues.
- Password Requirements: Minimum 12 characters with complexity requirements.
Run all 47 tests across 5 packages:
go test ./... -vTest Coverage:
- Authentication: 5 tests (registration, login, lockout, session management)
- Cryptography: 14 tests (6 AES + 8 RSA)
- Storage: 12 tests (6 user storage + 6 key storage with encryption)
- Validation: 12 tests (filename, password, username validation)
- Security Logging: 4 tests (logging methods, concurrency, file creation)
- Account Lockout: Try 5 failed logins → verify 30-minute lockout
- Rate Limiting: Exceed encryption limit → verify 429 error
- CSRF Protection: Try API request without CSRF token → verify rejection
- Session Timeout: Stay inactive for 1 hour → verify auto-logout
- Input Validation: Upload file with spaces in name → verify rejection
- Encrypted Storage: Restart server → verify user data persists
- Security Logging: Perform operations → verify logs in
logs/security.log
- Path Traversal: Try filenames like
../../../etc/passwd(should fail) - Password Strength: Try weak passwords (should fail)
- Session Hijacking: Try using session cookie from different IP (should fail)
- CSRF: Try API requests without proper CSRF token (should fail)
- DoS: Exceed rate limits → verify proper rate limiting
SESSION_SECRET=your-secure-random-session-secret-here-min-32-chars
USER_DATA_ENCRYPTION_KEY=your-secure-32-byte-base64-key-here- SESSION_SECRET: 32+ character random string for session encryption
- USER_DATA_ENCRYPTION_KEY: 32-byte AES key (Base64-encoded) for users.json encryption
- Server Port: 8443 (HTTPS only)
- TLS Version: TLS 1.3 minimum
- Session Timeouts: 1hr inactivity, 12hr absolute
- Account Lockout: 5 attempts, 30-min lockout
- File Size Limit: 10 MB
- Max Concurrent Sessions: 3 per user
data/users.json: Encrypted user databasedata/keys/: Public key storagelogs/security.log: Security audit logcert.pem,key.pem: TLS certificates
This project was developed as part of ENPM680 Fall 2025.
This project is part of an academic assignment.
- Srihari
- Repository: https://code.umd.edu/srihari/enpm680fall25project-srihari
- Check if port 8443 is already in use
- Ensure Go 1.24+ is installed:
go version - Verify
secrets.envexists with valid keys - Generate TLS certificates:
go run cmd/generate_cert.go - Verify all dependencies:
go mod download
After 5 failed login attempts, wait 30 minutes for automatic reset, or restart the server to clear lockout immediately (development only).
Clear your browser cache and access the feature again, or restart the server to generate fresh tokens. Always use only one browser tab for login and operations.
Wait for the time specified in the error message's Retry-After header, or restart the server to reset rate limit counters (development only).
Sessions expire after 1 hour of inactivity or 12 hours absolute. Log in again when prompted. Use only one browser tab to avoid session conflicts.
Rename files to remove spaces and special characters. Use only a-z A-Z 0-9 . _ - in filenames. Maximum file size is 10 MB.
- Verify file size is under 10 MB
- Check that keys are properly formatted (PEM for RSA, Base64 for AES)
- Ensure correct encryption method (AES vs RSA)
- Verify file wasn't corrupted during download
Click "Advanced" → "Proceed to localhost (unsafe)" when accessing https://localhost:8443. This is safe for local development.
Check that logs/ directory exists. Logs are written to logs/security.log in JSON format.
- Hybrid encryption (RSA + AES) for large files
- File integrity verification with digital signatures
- Multi-factor authentication (TOTP)
- Key backup and recovery mechanisms
- Batch file encryption
- Production-ready CA-signed certificates (Let's Encrypt)
- Docker containerization
- Database backend (PostgreSQL) with connection pooling
- Email notifications for security events
- Password reset functionality
- Admin dashboard for user management
- Build & Setup Guide:
CipherDrop-Build-Setup-Guide-Phase5.md - User Guide:
CipherDrop-User-Guide.md - Phase 5 Changes:
Phase5-Changes.md - Design Documents: Phase 4 design and threat model
Version: 2.0.0-phase5
Course: ENPM680 - Cybersecurity for Critical Infrastructure
Project: Phase 5 - Security Implementation
Built with Go • Secure by Design • Privacy First