File Download System

✨ Project Information

✨About the Project

Our team is developing a secure method for online document exchange.

A content server and an authentication server are the system's two primary bases.

Content Server

On the content server, users can reliably store and access their encrypted data.
When a user uploads a file to the server, the server generates a random file key and uses it to encrypt the file using AES-CBC.
After encrypting the file's key with RSA-OAEP and the user's public key, the encrypted key is stored on the server.
Each file on the server is associated with an access control list (ACL) that specifies which users are authorised to view the file.
The ACL is constructed using a vector of User objects, each of which contains a user ID and password.

Authentication Server

The authentication server manages account information and credentials.
The server maintains a user's username and password in an unordered_map when the user registers for a server.
Before granting access to files on the content server, the authentication server verifies the credentials of the user.
If the authentication was successful, the content server will verify the user's access privileges to the file based on the ACL. 'Once the content server has validated the user's credentials, it will retrieve the encrypted file key from its storage, decrypt it with the user's private key, and then use the decrypted file key to decrypt the file.

The above code contains the classes User, ACL, and ContentServer that constitute the content server's implementation. Using the AES-CBC encryption/decryption utilities, it is possible to encrypt and decrypt files. This project's overarching objective is to provide a secure method for file sharing by limiting access to only those who require it using a combination of symmetric and asymmetric encryption and authentication.

✨ Modules and Explanation

Encryption Module

First, a random salt is generated. This is a sequence of random bytes that will be used as part of the encryption process.
The password is hashed using a secure one-way hash function, along with the salt. The resulting hash value is called the "key".
A new initialization vector (IV) is generated. This is another sequence of random bytes that is used to ensure that each encryption operation produces a unique ciphertext, even if the same plaintext is encrypted multiple times.
The plaintext message is padded to a multiple of the block size (which is typically 128 bits for AES). This ensures that the plaintext is a fixed size that can be divided into blocks.
The plaintext message is encrypted using AES-256 in CBC mode. CBC stands for Cipher Block Chaining, which means that each block of plaintext is XORed with the previous block's ciphertext before being encrypted. The IV is XORed with the first plaintext block before encryption.
The resulting ciphertext is concatenated with the salt and IV and encoded using Base64. The salt and IV are included with the ciphertext to allow the decryption process to reproduce the same key and IV used for encryption.
That's a high-level overview of the encryption process used in this code.

Decryption Module

Convert the encrypted text into bytes using the base64 decoding method.
Use the initialization vector (iv) and the secret key to create a new instance of the AES cipher in CBC mode.
Decrypt the encrypted text using the AES cipher and the iv.
Remove any padding added during the encryption process.

This process uses the AES symmetric key encryption algorithm in CBC mode to decrypt the encrypted text.
The initialization vector (iv) is used to ensure that the same plaintext does not result in the same ciphertext when encrypted multiple times with the same key.
The secret key used to decrypt the text must be the same as the one used to encrypt it.
The base64 encoding is used to convert the encrypted text from a string into bytes, which can be decrypted by the AES cipher.
Finally, the padding added during the encryption process is removed to obtain the original plaintext.

✨Take a look at our High Level Design

✨ Instructions for Cloning this Repository Locally

Use the command: git clone https://github.com/anushkapatil18/File-Download-System.git
Navigate to How to Run Section for the next steps !

✨ How to Run This code ?

Function

Login.cpp

First register with username and password, a file with username.txt will be created.
Then you can login to see file contents. [Upload File content not implemented]

Run on linux terminal

┌──(kali㉿kali)-[~/Desktop/CodeChallenge]
└─$ g++ login.cpp -lcrypto

g++ login.cpp -lcrypto

┌──(kali㉿kali)-[~/Desktop/CodeChallenge]
└─$ ./a.out

./a.out

1. Register
2. Login

Your choice: 1
Register

Enter username: admin1
Enter password: admin1
EVP_EncryptUpdate() failed: Success
Welcome admin1!

┌──(kali㉿kali)-[~/Desktop/CodeChallenge]
└─$ ./a.out

1. Register
2. Login

Your choice: 2
Login

Enter username: admin1
Enter password: admin1
Logg In Success!
Welcome back!

Your Files
Files:

1. Sign Out
2. Back to menu
Your choice:
1

maine.cpp

g++ maine.cpp -o my_program -lcrypto

✨ Instructions to contribute

To contribute fork this repository and clone it. Make changes and create a pull request. Follow the step below to contribute.

Add your email and user name in git bash

$ git config --global user.name "YOUR NAME"
$ git config --global user.email "YOUR EMAIL ADDRESS"

Fork the repo

On the upper right you can see a option to fork the repository. Fork it to make changes.

Clone the project

Use the below command to clone the repo into your local system.

$ git clone https://github.com/anushkapatil18/File-Download-System.git

Add upstream to repository

$ cd <your-forked-project-folder>
$ git remote add upstream https://github.com/anushkapatil18/File-Download-System.git
$ git checkout main
$ git fetch upstream
$ git merge upstream/main
$ git push origin main

Creating branch for the new change on feature or bug fix

$ git checkout -b <feature-branch>
$ git add --all
$ git commit -m "<commit message>"

Creating pull request

$ git push origin main

hariketsheth/File-Download-System