// project :: secure_file_encryption_system
A production-grade file encryption system protecting documents, images, and videos with AES-256-GCM authenticated encryption, PBKDF2-SHA256 key derivation, and a hacker-aesthetic web interface — available across Web, CLI, and Tkinter GUI platforms.
M.Sc. Project — Dr. MGR Education and Research InstituteThe exponential growth of digital data has made file-level encryption a critical need for individuals and professionals handling sensitive documents, medical records, and private media. SecureFile is a multi-platform encryption system that brings military-grade security to everyday file protection through an accessible interface.
The system uses AES-256-GCM — an Authenticated Encryption with Associated Data (AEAD) cipher — ensuring that files are not only encrypted but also protected against tampering. Key derivation uses PBKDF2-HMAC-SHA256 with 600,000 iterations (NIST SP 800-132 compliant), making brute-force attacks computationally infeasible even against modern GPUs. Each file receives a unique 256-bit random salt and 96-bit nonce, eliminating rainbow table and precomputation attacks entirely.
The system is available in three deployment modes: a Flask web application for browser-based access, a Python CLI tool for terminal workflows and scripting, and a Tkinter GUI application for offline desktop use. All three share the same cryptographic core — the custom binary .secf format.
Keywords: AES-256-GCM · PBKDF2-SHA256 · AEAD Encryption · File Security · Python · Flask · Tkinter · Cross-Platform
⚠ Problem
Most users store sensitive files — tax documents, medical records, private photos — as plain, unprotected data on local disks and cloud storage. Existing tools like ZIP encryption use weak RC2/ZipCrypto, and commercial solutions are expensive, proprietary, or require internet access for every operation.
✓ Solution
SecureFile provides free, open-source, offline-capable AES-256-GCM encryption accessible to non-technical users via a web UI, power users via CLI, and desktop users via GUI — all with the same NSA-Suite-B grade cryptographic core and zero password storage.
Limitations of Existing Solutions
Software Requirements
Hardware Requirements
// encryption_pipeline
// three_platform_modes
.secf Binary File Format
All cryptographic parameters are self-contained — no external key files or configuration needed for decryption
Password is never used directly as a key. PBKDF2 stretches and strengthens it using 600,000 iterations of HMAC-SHA256 with a unique 256-bit random salt. Generating 1 billion password guesses at this iteration count would take ~years on modern GPUs.
Galois/Counter Mode transforms plaintext into ciphertext using a 256-bit key and 96-bit nonce. Unlike CBC mode, GCM simultaneously produces a 128-bit authentication tag — decryption fails immediately if even one byte is modified, providing confidentiality and integrity in a single pass.
Each encryption generates a cryptographically random 256-bit salt via secrets.token_bytes(32). This guarantees that encrypting the same file twice with the same password produces completely different ciphertext, defeating rainbow table and precomputation attacks.
A fresh 96-bit nonce (initialisation vector) is generated per encryption using a CSPRNG. Reusing a nonce under the same key in GCM mode would be catastrophic — SecureFile eliminates this entirely with per-file random generation.
File metadata (original filename, extension, size) is stored as AAD — authenticated by the GCM tag but not encrypted. Any modification to the filename or size within the .secf file causes decryption to fail, preventing metadata spoofing attacks.
REST API backend with /api/encrypt and /api/decrypt endpoints. Supports multipart file upload up to 500 MB. Files are processed in-memory and auto-deleted from server after download. Werkzeug secure_filename sanitization prevents path traversal.
Shared cryptographic engine using PyCA cryptography library. PBKDF2 key derivation with 600K iterations, CSPRNG salt/nonce generation, AESGCM encryption/decryption with AAD binding. Used identically across all three platforms.
Full-featured argparse CLI with encrypt, decrypt, and info subcommands. Secure getpass() password prompting, ANSI colour output, progress feedback, and --delete-original flag. Exit codes 0/1 for shell scripting compatibility.
Dark-themed desktop application with non-blocking threading for large files. File chooser dialogs, password strength meter, real-time operation log, and ttk progress bar. Supports encrypt/decrypt mode toggle with context-appropriate file filters.
Single-file CSS design system with scan-line animation, CSS grid background, animated password strength bar, drag-and-drop zone, terminal operation log, and real-time fake progress indicator. Zero framework dependencies — pure HTML/CSS/JS.
Custom binary container packing salt (32B) + nonce (12B) + AAD length (4B) + AAD metadata (JSON) + GCM ciphertext+tag. The info command reads metadata without decryption. Format is fully self-describing — all parameters embedded.
Core: AES-256-GCM Encrypt Function
Encryption Endpoints
| Endpoint | Method | Auth |
|---|---|---|
| /api/encrypt | POST | None |
| /api/decrypt | POST | None |
| /api/supported-formats | GET | None |
Download Endpoints
| Endpoint | Method | Returns |
|---|---|---|
| /api/download/encrypted/<name> | GET | .secf file |
| /api/download/decrypted/<name> | GET | Original file |
Standards & References
FIPS 197
AES Standard (NIST)
NIST SP 800-38D
GCM Mode Specification
NIST SP 800-132
PBKDF Key Derivation
RFC 2898
PBKDF2 Specification
PyCA Cryptography
Python Crypto Library
MIT License
Open Source — Free to Use
Unit Test Results — All Passed
| Test Case | Module | Expected | Result |
|---|---|---|---|
| TC-01: Encrypt PDF | Crypto Core | .secf file produced | PASS |
| TC-02: Decrypt .secf | Crypto Core | Original file restored | PASS |
| TC-03: Wrong Password | GCM Auth | ValueError raised | PASS |
| TC-04: Tampered File | GCM Auth Tag | Decryption rejected | PASS |
| TC-05: Encrypt Image (PNG) | Web API | .secf download served | PASS |
| TC-06: Encrypt Video (MP4) | Web API | 500MB handled correctly | PASS |
| TC-07: CLI encrypt + decrypt | CLI Module | Round-trip identical | PASS |
| TC-08: CLI info command | CLI Module | Metadata shown, no password | PASS |
| TC-09: GUI encrypt thread | GUI Module | Non-blocking, progress shown | PASS |
| TC-10: Unique salt per file | Crypto Core | Different ciphertext each run | PASS |
| Feature | SecureFile | 7-Zip AES | VeraCrypt | GPG |
|---|---|---|---|---|
| AES-256-GCM (AEAD) | ✓ | ✗ (CBC) | ✗ (XTS) | ✗ (CFB) |
| Tamper Detection | ✓ GCM Tag | ✗ | ✗ | Partial |
| 600K PBKDF2 Iterations | ✓ | ✗ (<1K) | ✓ | Configurable |
| Web Browser Interface | ✓ | ✗ | ✗ | ✗ |
| CLI + GUI + Web | ✓ All 3 | CLI + GUI | GUI only | CLI only |
| No Installation (Web) | ✓ | ✗ | ✗ | ✗ |
| Open Source & Free | ✓ MIT | ✓ LGPL | ✓ Apache | ✓ GPL |
| Self-Describing Format | ✓ .secf | ✗ | ✗ | Partial |
Full drag-and-drop UI. Encrypt and download files directly in your browser. No installation — just run and visit localhost.
For terminal power users and automation. Three subcommands: encrypt, decrypt, info. Script-friendly exit codes and batch processing.
Offline desktop application. Dark themed with file chooser dialogs, strength meter, operation log, and threaded processing for large files.
⚠ Important Security Note
🔑 Passwords are NEVER stored. A lost password means permanent data loss. Use a strong, memorable passphrase and store it in a password manager.
🗑️ Web: Files are auto-deleted from server immediately after download. No data is retained. CLI/GUI: files stay local only.
🔄 Each encryption is unique. Encrypting the same file twice produces different .secf output due to fresh salt + nonce generation.
✅ GCM guarantees integrity. If the encrypted file is corrupted or tampered with, decryption fails with a clear error — no silent data corruption.