Secure Chat System

Key Highlights

• Built a web-based messaging and file sharing application with end-to-end encryption using AES-256-CBC for message content, RSA-2048 for asymmetric key exchange, and SHA-256 hashing for data integrity verification.
• Designed and implemented the key exchange protocol: clients generate ephemeral RSA keypairs on connection; the server facilitates public key distribution without storing private keys or plaintext messages.
• Implemented secure file upload/download workflows where files are AES-encrypted client-side before transmission, ensuring all data remains encrypted at rest and in transit.
• Built the frontend with vanilla JavaScript and WebSockets for real-time delivery, visible encryption status indicators, and per-message integrity verification feedback.
• Implemented SHA-256 message integrity checks — any tampering with ciphertext is detected before decryption, preventing message forgery and replay attacks.
• Designed with zero-knowledge principles: the server relays encrypted payloads without ability to read content, maintaining privacy even under full database compromise.