GithubHelp home page GithubHelp logo

lfs's Introduction

lfs (local_file_send)

lfs is a small proof of concept to make file exchange on a local network as simple as possible. The only thing necessary is to pass on a few keywords and the transfer will happen automatically, in a somewhat secure way, between two device on the same network.

How it works

Discovery of the host, serving the file, is done via zeroconf. The service type is _lfs._tcp.local.. To identify the correct serving host, a SHA224 hash, based on the provided keywords, is used as part of the service name: <hash>._lfs._tcp.local..

The data exchange is done in an encrypted fashion. The keywords are based on BIP-0039 (https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki). The underlying entropy is then used as password with PBKDF2, plus a randomly generated salt, which will be passed on before data exchange. The encryption is based on the Fernet (https://github.com/fernet/spec/blob/master/Spec.md) implementation from the cryptography python library (https://github.com/pyca/cryptography). Fernet is based on AES in CBC mode with a 128-bit key for encryption, using PKCS7 padding and HMAC using SHA256 for authentication.

The exchange format is:

  1. First the salt is exchanged:
 0                   1
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|             salt              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

salt: Byte sequence used for PBKDF2 key derivation.

  1. Each subsequent transmission contains a length and the encrypted data:
 0                   1
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|    length     |               |
+-+-+-+-+-+-+-+-+               |
|                               |
|        encrypted data         |
|                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

length: Payload length of encrypted data in bytes.

Usage

Send a file:

$ python lfs.py <file-to-send>
[*] Share keywords: leg stage viable
[...]

Receive the file:

$ python lfs.py
Please enter the magic keywords: leg stage viable
[*] Starting file transfer
[*] File successfully received
[❤] Thanks for using LFS

Customization options:

usage: lfs.py [-h] [-a] [-s STRENGTH] [-i INTERFACE] [-k KEYWORDS] [-o OUTFILE] [-p PORT] [file]

positional arguments:
  file                  File to be transferred. Receiving mode if omitted.

optional arguments:
  -h, --help            show this help message and exit
  -a, --ask             Ask before accepting file transfer.
  -s STRENGTH, --strength STRENGTH
                        Amount of entropy to use for key derivation. Results in strength×3 key
                        words (default: 1).
  -i INTERFACE, --interface INTERFACE
                        Interface to use for file transfer (only used for file serving and IPv6).
  -k KEYWORDS, --keywords KEYWORDS
                        Keywords to use for exchange, delimited with '-' or space. (Multiples of 3
                        and need to conform to BIP039.)
  -o OUTFILE, --outfile OUTFILE
                        File received data should be stored in (default: served file name).
  -p PORT, --port PORT  Port to listen on (only used for file serving) (default: 12345).

Installation

The script is written in python and the requirements can be installed via:

pip install -r requirements.txt

Note:

For a client to use the IPv6 link-local address of the server, it needs to specify the interface explicitly, otherwise announced link-local addresses will be skipped.

lfs's People

Contributors

christopherschwardt avatar

Stargazers

avatar avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.