Beyond Nonce Uniqueness: A Cryptographic Evaluation of AES-GCM in Secure Anonymous File Sharing Systems
摘要
We present a secure, anonymous file sharing system that utilizes AES-256 in Galois/Counter Mode (AES-GCM) within a serverless FastAPI and AWS S3 architecture. We address the challenge of providing confidentiality and integrity without user registration by employing client-side AES-GCM encryption with unique 96-bit IVs, optional Argon2id-based password protection, and robust key management. We benchmark encryption/decryption performance across file sizes (5 MB–200 MB) and KDF settings (PBKDF2, Argon2id), demonstrating linear scalability and a 30–40% overahead for Argon2id. Comparative analysis against AES-CCM and ChaCha20-Poly1305 shows favorable throughput of AES-GCM under hardware acceleration. We conclude with deployment guidelines, limitations, and future directions, including post-quantum extensions and zero- knowledge audit mechanisms.