Link Search Menu Expand Document

An End-to-End Encrypted File Sharing System

Banner

In this project, you will apply the cryptographic primitives introduced in class to design and implement the client application for a secure file sharing system. Imagine something similar to Dropbox, but secured with cryptography so that the server cannot view or tamper with your data.

The client will be written in Golang and will allow users to take the following actions:

  • Authenticate with a username and password;
  • Save files to the server;
  • Load saved files from the server;
  • Overwrite saved files on the server;
  • Append to saved files on the server;
  • Share saved files with other users; and
  • Revoke access to previously shared files.

We provide several resources to get you started:

  1. We provide two servers that you can utilize in the design of your client application: the Keystore, and the Datastore.
  2. We provide implementations of several cryptographic algorithms and a number of functions that you can use to interact with Keystore and Datastore. These utilities are defined in userlib, which is already imported into client.go.
  3. We define eight API functions in the starter code (see client.go) that you must implement (see Grading and Deliverables).

Using these resources and your knowledge of computer security, you will design a secure client application that satisfies all of the Design Requirements.

As always, if you have questions about this documentation (or find errors), please make a post on Piazza!

Staff Advice

Design a solution before starting the implementation. Students consistently agree that design is harder than implementation across multiple iterations of this project. A faithful implementation of a faulty design will not earn you many points.

To approach the design process, read through the Design Requirements and the function definitions that you are required to implement in client.go. Think about how you can design your client to provide the required functionality. Here are some useful questions to get you started:

  • What data do you need to track for each user?
  • What data do you need to track for each file?
  • What will you store in the datastore? What will you store in the keystore?

If you are stuck, try ignoring the file sharing functionality and instead focus on how to provide just the store/load file functionality. While you might need to later change your design to support secure sharing, this project is much easier to grasp when sharing is not involved!