GhostPass is a secure ID verification system that allows users to authenticate and share verification tokens without exposing their actual data. It uses encryption, hashing, and digital signatures to ensure privacy, integrity, and authenticity.
- Secure User Authentication: Passwords are hashed for protection.
- Encrypted Document Storage: Ensures confidentiality and integrity.
- Token-Based Verification: Uses HMAC and digital signatures.
- Privacy-Preserving Verification: Third parties can verify identities without accessing actual documents.
Ensure you have Python 3.8+ installed along with the required dependencies.
- Clone the repository:
git clone https://github.com/your-repo/ghostpass.git cd ghostpass - Install required dependencies:
pip install -r requirements.txt
Handles encrypted document uploads.
python upload_server.pyManages authentication, encryption, and tokenization.
python server.pyRegisters users, uploads documents, and requests verification tokens.
python client.pyVerifies tokens and grants/denies access.
python third_party.py- User registers and logs in.
- User uploads encrypted documents.
- User requests a verification token.
- Server generates and signs the token.
- User shares the token with a third party.
- The third party sends the token to the server for verification.
- Server verifies the token and responds to the third party.
- The third party grants or denies access to the user.
- Password Hashing: SHA-256
- Encryption: AES-256 for document storage
- Integrity Check: HMAC-SHA256 for tokens
- Digital Signatures: RSA-2048 for authentication
- Ensure all servers are running before executing the client.
- Tokens are time-sensitive and expire after a predefined duration.
- Modify
config.pyfor custom security parameters.
This project is licensed under the MIT License.