Secure Drop
What?
How?
User Experience
Learned
Links
Secure Drop was the product of a semester long project where I learned how to create a connection between a server and client. The principle element in this assignment revolved around security, making sure the client-server communications were encrypted as well as the file contents sent between users. This was achieved through the use of SSL certificates to encrypt and TCP sockets and threading to establish a connection.
Secure drop is a project created with Python that uses SSL, TCP sockets and threading to establish encrypted communication from the client to the server and the server to the client to send file contents. Users have the option to add contacts, see who’s online and send and receive files.
Server and Client: Users must start a server to host the session. The server manages communication between clients, while each client communicates with the server to request specific functions or actions.
SSL: SSL, or Secure Sockets Layer, is a protocol that encrypts and authenticates data transmitted across a server, ensuring secure communication. On the client side, SSL employs salted hashing, which adds a random string of characters to a password before hashing it, significantly enhancing security.
Sockets and Threading: Threading facilitates the connection between the server and clients, while sockets handle the communication of requests between them. When a client wants to send a file to another client, it initiates a request via sockets to the server. The server then relays this request to the recipient client, asking whether they wish to accept or decline the file. The recipient’s response is sent back through the server, which in turn informs the sender client whether the file transfer has been approved or denied.
First, start the server. Once it's running, you can launch the program, which will prompt you to either log in or sign up.
After logging in or signing up, you'll be taken to the main page. From there, type help to view the available commands:
To transfer a file, the recipient types the recv command, and the sender types send. The sender will then enter the file path, and the recipient can choose to accept or decline the transfer. If accepted, the file is sent over.
Through this project, I gained a deeper understanding of encryption, specifically using SSL certificates to ensure secure communication between servers and clients. I also learned how to set up both servers and clients effectively, managing the secure exchange of data between them. This experience developed my knowledge of the importance of security protocols in network communication and advanced my skills in implementing these protocols to protect sensitive information during data transmission.