File encryption using ECIES

Question

I am currently trying to build a project (self-learning) which essentially is a website for sharing files (between two users). I want to encrypt a file (pdf) using ECIES (primary objective) and then send it to another user. My questions are:

How to encrypt a file at client-side?
How to send an encrypted file to a server (which language/library/technology)

As my questions suggest, I am a beginner in web development.

What you are describing sounds very similar to https://www.encryptedsend.com/. The whitepaper on that site describes answers to both of your questions. — mti2935, Aug 27 '20 at 01:41
Yes you are right! This is almost exactly what I want to do! — Chinmay Vemuri, Aug 27 '20 at 02:36

score 1 · Answer 1 · answered Aug 25 '20 at 15:52

As you're probably already aware, you won't get much use on a website like that as it's really difficult to prove you're not performing a MITM attack. That said from a cryptography point of view the tech you should use/investigate is:

ephemeral:ephemeral elliptic curve Diffie-Hellman, using a strong curve with fast, constant time scalar multiplication such as curve25519/x25519, deriving a shared secret which can be used (by hashing the x co-ordinate with a strong hash function such as SHA-256, SHA-3 or Blake2b).
using the key agreed in step one, encrypt with a strong authenticated symmetric cipher such as ChaCha20-Poly1305.
There are tonnes and tonnes of options, perhaps if you wanted to try being decentralised, the website could help route users to each others public keys on IPFS.

You piqued my interest with the last point. Can you elaborate that? — Chinmay Vemuri, Aug 25 '20 at 17:15

File encryption using ECIES

1 Answers1