Author:
- Rosa Reyes
This project implements an application that enables encryption and decryption of messages using symmetric encryption (AES-GCM) and asymmetric encryption (RSA). It also incorporates the use of digital signatures, certificates, and a Public Key Infrastructure (PKI) for enhanced security and authenticity.
Additionally, the application includes a web interface for user registration and authentication, as well as the exchange of encrypted messages.
The folder structure of this project is as follows:
cryptography-project/
│
├── backend/
├── backend.py # Backend for authentication and storing passwords and users in a database.
├── crypto.py # Functions for encryption and decryption of messages and keys.
├── frontend/
├── components.py # Auxiliary components for forms and messages.
├── certificates/ # Folder to store the PKI
├── main.py # Main file to run the application server.
├── requirements.txt # File of necessary dependencies to run the project.
└── users.db # SQLite database to store registered users.
-
Python 3.7 or higher
-
Virtualenv: It is recommended to install a virtual environment to avoid dependency conflicts:
pip install virtualenv
Clone this repository to your local machine:
git clone https://github.com/rosareyes/crypto-lab1
cd crypto-lab1- Create a virtual environment:
python3 -m venv venv
- Activate the virtual environment:
- On Windows:
venv\Scripts�ctivate - On MacOS/Linux:
source venv/bin/activate
- On Windows:
Install the required dependencies by running:
pip install -r requirements.txtTo start the server and run the application, execute:
python main.pyOpen your web browser and go to http://localhost:5001/ to view the user interface.
- Use the registration forms to create users (User-1 and User-2).
- Each user can log in and send encrypted messages to the other user.
- Messages are encrypted using AES-GCM (symmetric encryption), and the symmetric keys used are encrypted with RSA (asymmetric encryption).
- Message encryption and decryption: Using AES-GCM for message encryption and RSA for encrypting symmetric keys.
- User registration and authentication: Securely stores users in the SQLite database, using
Scryptto derive and store password hashes. - Digital signatures and certificates: Use of digital signatures and certificates generated with OpenSSL.
The terminal provides detailed logs of the cryptography processes, such as encryption, decryption, and key exchanges. Below are sample screenshots:
1. Terminal Logs: Sender process
2. Terminal Logs: Receiver process
certificates/directory: This directory contains certificates for CA1, user 1, and user 2.- Database: The
users.dbdatabase securely stores user credentials.
To test the functionality, register two users (User-1 and User-2) and log in with each to send messages. Observe the terminal output to see the encryption and decryption process steps.

