![]() On the frontend, we will use JavaScript with React.On the backend side, we will use Django and django-rest-framework.In this article, we will see how to implement end-to-end encryption in a file transfer application. Seald SDK (certified by the ANSSI) enables developers to ignore this complexity altogether by using a cryptographic library that takes care of this. This requires the generation of encryption/decryption key pairs on the users' devices, which can be very hard for a developer, both in terms of difficulty and security risk. It allows to cryptographically secure a file, so that only authorized people can read the file. There is a technology that can to answer this problem: end-to-end encryption. Which means that a malicious person (a hacker, for example) who had compromised the security of the application (this echoes the recent vulnerability found in Log4j) would be able to read them as well. Thus, a developer or system administrator could read them. Nevertheless, the file, once sent to the server, is often stored "in clear". Usually, the security measures put in place are mainly on the transfer (using SSL/TLS for HTTPS). Naively, the files are directly copied to the servers. However, how do these platforms ensure the confidentiality of the data that goes through them? ![]() There are many file sharing applications (WeTransfer, OneDrive, Dropbox. An end-to-end encrypted file sharing application Be careful, this is a demonstration project, which comes with no guarantee and needs some improvements to be used in production. If you want to play with the final project, you can find it on our Github repository seald/sdk-upload-example, with instructions to run it on Docker.
0 Comments
Leave a Reply. |