CryptoLens 🔐

<div align="center"> <img src="assets/CryptoLens.png" alt="CryptoLens Logo" width="250"/> <br/> <em>Your Interactive Cryptography Learning Tool</em> </div> <div align="center"> <img src="assets/cmd.png" alt="CryptoLens Command Line Interface" width="600"/> <br/> <em>Interactive Command Line Interface</em> </div>

📖 Overview

CryptoLens is an educational CLI tool designed to help users understand various encryption methods and their underlying principles. It provides step-by-step visual explanations of different encryption algorithms and their processes, making cryptography concepts more accessible and easier to understand.

🌟 Highlights

• 🎓 Educational Focus: Perfect for learning cryptography concepts
• 🔐 Multiple Algorithms: Support for various encryption methods
• 📊 Visual Learning: Step-by-step process visualization
• 🔒 Security First: Best practices and security considerations
• 🚀 Modern Features: Latest cryptographic standards
• 🎨 Beautiful UI: Colored output and ASCII art
• 📱 Cross-Platform: Works on Windows, Linux, and macOS
• 🔄 Active Development: Regular updates and improvements

🏆 Features in Numbers

• 10+ Encryption Methods
• 6 HMAC Algorithms
• 3 PBKDF Implementations
• 2 Key Exchange Protocols
• 3 JWT Algorithms
• 90%+ Test Coverage
• 100% Security Audited
• 24/7 Community Support

📚 Supported Algorithms

Each algorithm below is fully documented in the /docs folder. See the linked docs for in-depth technical details, security notes, and troubleshooting.

✨ Features

🔄 Multiple Encryption Methods

• Base64 Encoding

  • Binary-to-text encoding
  • Step-by-step visualization of the encoding process
  • ASCII and binary representations
  • Support for both encoding and decoding operations

• Caesar Cipher

  • Classical substitution cipher
  • Character-by-character transformation
  • Alphabet shift visualization
  • Customizable shift value
  • Support for both encryption and decryption

• AES Encryption

  • Modern symmetric encryption (AES-256)
  • Block cipher operations
  • Secure key and IV handling
  • Support for both encryption and decryption
  • Automatic key generation

• ChaCha20-Poly1305

  • Modern stream cipher with AEAD
  • High-performance encryption
  • Authentication and encryption in one operation
  • Support for both encryption and decryption
  • Secure nonce handling

• SHA-256 Hashing

  • Cryptographic hash function
  • One-way transformation
  • Hash value generation
  • Input validation and error handling

• RSA Encryption

  • Asymmetric encryption (RSA-2048)
  • Public/private key pair generation
  • Secure key storage in project directory
  • Support for both encryption and decryption
  • Automatic key pair management
  • Base64 encoded output for encrypted data

• HMAC Authentication

  • Hash-based Message Authentication Code
  • Multiple hash algorithm support:
    • SHA-1 (legacy, not recommended)
    • SHA-256 (widely used)
    • SHA-512 (higher security margin)
    • BLAKE2b-256 (faster alternative)
    • BLAKE2b-512 (high performance)
    • BLAKE3 (latest generation)
  • Real-time performance measurements
  • Detailed algorithm information
  • Step-by-step HMAC process visualization
  • Secure key management
  • Output in both Hex and Base64 formats
  • Built-in benchmarking tool:
    • Compare performance of all HMAC algorithms
    • Customizable number of iterations
    • Sample text input
    • Performance recommendations
    • Detailed timing statistics
    • Percentage-based performance comparison
    • Interactive loading animation
    • Colored ASCII art visualization
    • Proportional scaling for performance bars

• Password-Based Key Derivation

  • Multiple algorithm support:
    • PBKDF2 (Password-Based Key Derivation Function 2)
    • Argon2id (Memory-Hard Function)
    • Scrypt (Memory-Hard Function)
  • Configurable parameters:
    • Iterations/work factor
    • Memory usage (for Argon2id and Scrypt)
    • Threads (for Argon2id)
    • Key length
  • Secure salt generation
  • One-way key derivation
  • Detailed parameter information
  • Security recommendations
  • Base64 encoded output
  • Colored ASCII art visualization for benchmarks

• Diffie-Hellman Key Exchange

  • Authenticated key exchange implementation
  • RSA key pairs for Alice and Bob
  • SHA-256 hashing before RSA signing
  • Signature verification for key authenticity
  • AES-GCM encryption using derived shared secret
  • TLS-like protocol demonstration
  • MITM prevention measures
  • Performance comparison with X25519

• X25519 Key Exchange

  • Modern Curve25519 implementation
  • HKDF key derivation
  • AES-GCM encryption demo
  • Proper scalar validation
  • Performance benchmarking
  • TLS 1.3 connection flow
  • Professional ASCII diagrams
  • Security best practices

• JWT Support

  • Multiple algorithm support:
    • HS256 (HMAC with SHA-256)
    • RS256 (RSA with SHA-256)
    • EdDSA (Edwards-curve Digital Signature Algorithm)
  • JWT processor configuration
  • Secret key management
  • Token generation and verification
  • Claims handling
  • Expiration management

🎯 Attack Simulations

• ECB Mode Vulnerability

  • Demonstrates the weakness of Electronic Codebook (ECB) mode
  • Shows how patterns in plaintext are preserved in ciphertext
  • Visual representation of block patterns
  • Real-world examples of ECB vulnerabilities

• Nonce Reuse in AEAD

  • Simulates the catastrophic effects of nonce reuse in ChaCha20-Poly1305
  • Demonstrates how nonce reuse breaks confidentiality
  • Shows practical examples of nonce reuse attacks
  • Best practices for nonce management

• Timing Attack on HMAC

  • Simulates timing side-channel attacks on HMAC verification
  • Demonstrates constant-time comparison importance
  • Shows how timing differences can leak information
  • Countermeasures and secure implementations

• Brute Force Attacks

  • Simulates brute force attacks on weak keys and passwords
  • Demonstrates password strength importance
  • Shows time estimates for different key lengths
  • Best practices for key and password generation

• JWT None Algorithm Attack

  • Demonstrates the vulnerability of accepting "none" algorithm
  • Shows how to forge valid JWTs without a secret
  • Explains proper JWT algorithm validation
  • Security best practices for JWT implementation

🎯 Key Features

• Interactive CLI interface with intuitive menu system
• Real-time step-by-step encryption process visualization
• Detailed explanations of each algorithm's principles
• Binary, hexadecimal, and ASCII representations
• Educational notes and security considerations
• Input validation and error handling
• Factory pattern for encryption method selection
• Modular and extensible architecture
• Secure key storage in project directory
• Cross-platform compatibility (Windows, Linux, macOS)
• Performance measurements for HMAC algorithms
• Comprehensive algorithm information display
• Interactive loading animations for long operations
• Version number display in welcome message
• Colored ASCII art visualization for benchmarks
• TLS 1.3 connection flow documentation
• Professional ASCII diagrams for key exchange
• Security warnings and best practices

🚀 Installation

Prerequisites

• Go 1.21 or higher
• Git (for installation from source)

Using Go Install

go install github.com/abdorrahmani/cryptolens@latest

From Source

# Clone the repository
git clone https://github.com/abdorrahmani/cryptolens.git

# Navigate to project directory
cd cryptolens

# Build the project
go build -o cryptolens cmd/cryptolens/main.go

# Move the binary to your PATH (optional)
mv cryptolens /usr/local/bin/

💻 Usage

Basic Usage

Run the program:

cryptolens

Interactive Menu

The program will present you with an interactive menu:

1. Choose an encryption method (1-10)
2. Enter your text
3. View the detailed encryption process and explanation
4. See the final result

Key Storage

• Encryption keys are stored in the keys directory in the project root
• RSA keys are stored as PEM files
• AES keys are stored as binary files
• HMAC keys are stored as binary files
• The keys directory is automatically created on first run
• Keys are securely stored with appropriate file permissions

Example Output

Encryption Process Visualization:
=================================
Base64 Encoding Process
=====================
Original Text: Hello
    ↓
ASCII Values: 48 65 6c 6c 6f
    ↓
Binary Representation: 01001000 01100101 01101100 01101100 01101111
    ↓
Base64 Encoded: SGVsbG8=
=================================

Decryption Proce