» An End-to-End Encrypted File Sharing System
An End-to-End Encrypted File Sharing System
In this project, you will apply the cryptographic primi�ves introduced in class to design and
implement the client applica�on for a secure file sharing system. Imagine something similar to
Dropbox, but secured with cryptography so that the server cannot view or tamper with your
data.
The client will be wri�en in Golang and will allow users to take the following ac�ons:
1. Authen�cate with a username and password;
2. Save files to the server;
3. Load saved files from the server;
4. Overwrite saved files on the server;
5. Append to saved files on the server;
6. Share saved files with other users; and
7. Revoke access to previously shared files.
We provide several resources to get you started.
1. We provide two servers that you can u�lize in the design of your client applica�on: the
Keystore, and the Datastore.
https://cs161.org/assets/misc/regulus/banner.jpg
https://cs161.org/proj2/servers/keystore.html
https://cs161.org/proj2/servers/datastore.html
2. We provide implementa�ons of several cryptographic algorithms and a number of
func�ons that you can use to interact with Keystore and Datastore. These u�li�es are
defined in userlib, which is already imported into client.go.
3. The Project 2 – Starter Code defines 8 func�ons in client.go that you must implement (see
Grading and Deliverables).
Using these resources and your knowledge of computer security, you will design a secure
client applica�on that sa�sfies all of the Design Requirements.
The best way to digest this project documenta�on is to read each sec�on sequen�ally using
the Next bu�on at the bo�om of each page.
As always, if you have ques�ons about this documenta�on (or find errors), please make a
post on Piazza!
Staff Advice
Design a solu�on before star�ng the implementa�on. Students consistently agree that design
is harder than implementa�on across mul�ple itera�ons of this project. A faithful
implementa�on of a faulty design will not earn you many points.
To approach the design process, read through the Design Requirements and the func�on
defini�ons that you are required to implement in client.go. Think about how you can design
your client to provide the required func�onality. Here are some useful ques�ons to get you
started:
Where will you store data?
What data will be stored on which server?
What data structure will you use to store the data?
If you are stuck, try ignoring the file sharing func�onality and instead focus on how to
provide just the store/load file func�onality. While you might need to later change your
design to support secure sharing, this project is much easier to grasp when sharing is not
involved.
Make sure your implementa�on does not panic on the basic func�onality tests provided in
client_test.go. An implementa�on that panics on those tests will get a zero in the code
sec�on.
Submit to the autograder once in a while. The autograder will warn you if your
implementa�on panics in any of the hidden tests.
https://github.com/cs161-staff/project2-userlib/blob/master/userlib.go
https://github.com/cs161-staff/project2-starter-code/blob/main/client/client.go
https://github.com/cs161-staff/project2-starter-code/blob/main/client/client.go
https://cs161.org/proj2/grading/index.html
https://cs161.org/proj2/design_requirements.html
https://cs161.org/proj2/design_requirements.html
https://github.com/cs161-staff/project2-starter-code/blob/main/client/client.go
https://github.com/cs161-staff/project2-starter-code/blob/main/client_test/client_test.go
Contents
Story
Welcome to REGULUS – [REGU]lated [LU]nar [S]torage
REGULUS Privacy Policy
1. Grading and Deliverables
1.1. Design Document
1.1.1. Sec�on 1: System design
1.1.2. Sec�on 2: Security analysis
1.2. Test Coverage
1.3. Autograded Code
1.3.1. Autograder rules
2. Threat Model
2.1. Datastore Adversary
2.2. Revoked User Adversary
3. Design Requirements
3.1. Usernames and Passwords
3.2. User Sessions
3.3. Cryptography and keys
3.4. No Persistent Local State
3.5. Files
3.6. Sharing and Revoking
3.7. Efficiency
3.8. Golang
4. Server APIs
4.1. Keystore
4.2. Datastore
5. Client Applica�on API
5.1. InitUser: Create a user account.
5.2. GetUser: Log in using username and password
5.3. User.StoreFile: Store a new file
5.4. User.LoadFile: Load a previously stored file
5.5. User.AppendToFile: Efficiently append data to an exis�ng file
5.6. User.CreateInvita�on: Create a secure file share invita�on
5.7. User.AcceptInvita�on: Add a shared file to personal file namespace
5.8. User.RevokeAccess: Revoke file access
6. Some helpful examples
6.1. Single-User File Storage
6.2. Sharing a file with another user
6.3. Revoke access from a user
7. Cryptographic Func�ons
7.1. Public Key Encryp�on (PKE)
7.2. Digital Signatures (DS)
7.3. Hash Func�on
https://cs161.org/proj2/story/index.html
https://cs161.org/proj2/story/regulus.html
https://cs161.org/proj2/story/privacy.html
https://cs161.org/proj2/grading/index.html
https://cs161.org/proj2/grading/design_doc.html
https://cs161.org/proj2/grading/design_doc.html#section-1-system-design
https://cs161.org/proj2/grading/design_doc.html#section-2-security-analysis
https://cs161.org/proj2/grading/tests.html
https://cs161.org/proj2/grading/code.html
https://cs161.org/proj2/grading/code.html#autograder-rules
https://cs161.org/proj2/threat_model.html
https://cs161.org/proj2/threat_model.html#datastore-adversary
https://cs161.org/proj2/threat_model.html#revoked-user-adversary
https://cs161.org/proj2/design_requirements.html
https://cs161.org/proj2/design_requirements.html#usernames-and-passwords
https://cs161.org/proj2/design_requirements.html#user-sessions
https://cs161.org/proj2/design_requirements.html#cryptography-and-keys
https://cs161.org/proj2/design_requirements.html#no-persistent-local-state
https://cs161.org/proj2/design_requirements.html#files
https://cs161.org/proj2/design_requirements.html#sharing-and-revoking
https://cs161.org/proj2/design_requirements.html#efficiency
https://cs161.org/proj2/design_requirements.html#golang
https://cs161.org/proj2/servers/index.html
https://cs161.org/proj2/servers/keystore.html
https://cs161.org/proj2/servers/datastore.html
https://cs161.org/proj2/client_api/index.html
https://cs161.org/proj2/client_api/init_user.html
https://cs161.org/proj2/client_api/get_user.html
https://cs161.org/proj2/client_api/store_file.html
https://cs161.org/proj2/client_api/load_file.html
https://cs161.org/proj2/client_api/append_to_file.html
https://cs161.org/proj2/client_api/create_invitation.html
https://cs161.org/proj2/client_api/accept_invitation.html
https://cs161.org/proj2/client_api/revoke_access.html
https://cs161.org/proj2/examples/index.html
https://cs161.org/proj2/examples/basic_without_sharing.html
https://cs161.org/proj2/examples/share.html
https://cs161.org/proj2/examples/revoke.html
https://cs161.org/proj2/crypto/index.html
https://cs161.org/proj2/crypto/public_key_encryption.html
https://cs161.org/proj2/crypto/digital_signatures.html
https://cs161.org/proj2/crypto/hash.html
7.4. Hash-Based Message Authen�ca�on Code (HMAC)
7.5. Hash-Based Key Deriva�on Func�on (HKDF)
7.6. Password-Based Key Deriva�on Func�on
7.7. Symmetric Encryp�on
7.8. Random Byte Generator
8. Ge�ng Started Coding
9. Coding Tips
9.1. JSON
9.2. Universally Unique Iden�fier (UUID)
9.3. Common Issues With Go
10. Changelog
10.1. [Unreleased]
10.2. 2021-10-17
10.2.1. Added
10.3. 2021-10-19
10.3.1. Changed
10.4. 2021-10-22
10.4.1. Changed
10.5. 2021-10-23
10.5.1. Changed
https://cs161.org/proj2/crypto/hmac.html
https://cs161.org/proj2/crypto/hkdf.html
https://cs161.org/proj2/crypto/password_key_derivation.html
https://cs161.org/proj2/crypto/symmetric_encryption.html
https://cs161.org/proj2/crypto/random_byte_generator.html
https://cs161.org/proj2/start_coding.html
https://cs161.org/proj2/coding_tips/index.html
https://cs161.org/proj2/coding_tips/json.html
https://cs161.org/proj2/coding_tips/uuid.html
https://cs161.org/proj2/coding_tips/golang.html
https://cs161.org/proj2/CHANGELOG.html
https://cs161.org/proj2/CHANGELOG.html#unreleased
https://cs161.org/proj2/CHANGELOG.html#id1
https://cs161.org/proj2/CHANGELOG.html#added
https://cs161.org/proj2/CHANGELOG.html#id2
https://cs161.org/proj2/CHANGELOG.html#changed
https://cs161.org/proj2/CHANGELOG.html#id3
https://cs161.org/proj2/CHANGELOG.html#id4
https://cs161.org/proj2/CHANGELOG.html#id5
https://cs161.org/proj2/CHANGELOG.html#id6