Encryption Standards
AES-256-CTR — the same encryption standard used by governments, banks, and major cloud providers.
Algorithm: AES-256-CTR
| Property | Value |
|---|---|
| Cipher | AES (Advanced Encryption Standard) |
| Mode | CTR (Counter Mode) |
| Key size | 256 bits (32 bytes) |
| Block size | 128 bits (16 bytes) |
| IV size | 128 bits (16 bytes), random per file |
| Output size | Same as input (stream cipher — no padding) |
AES-256 is approved by NIST, is used by the US government to protect information classified TOP SECRET, and is the gold standard for symmetric encryption worldwide.
Why CTR Mode?
AES-CTR (Counter Mode) turns AES into a stream cipher: it encrypts sequential counter values to produce a keystream, which is then XOR-ed with the plaintext.
Key advantages for Lenzeye's use case:
| Property | Why It Matters |
|---|---|
| Seekable | Any byte position can be encrypted/decrypted independently — essential for multipart upload |
| Parallelizable | Different chunks can be encrypted concurrently — no sequential dependency |
| No padding | Output is exactly the same size as input — no size inflation |
| Stream friendly | Can encrypt/decrypt while streaming — no need to buffer entire file |
Initialization Vector (IV)
Every file gets a unique, randomly generated 16-byte IV:
- Generated with `os.urandom(16)` — cryptographically secure random bytes from the OS
- Prepended to the ciphertext in S3: `[16B IV][ciphertext]`
- Included in HMAC computation — IV tampering is detected
- Ensures two identical files produce completely different ciphertexts (semantic security)
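The seekable property and the HMAC check over `[16B IV][ciphertext]` can be seen together in a short sketch. This is an added example, not Lenzeye's code: it assumes the third-party `cryptography` package, a MAC key separate from the encryption key, and a tag stored alongside the object; the function names are hypothetical.

```python
import hashlib
import hmac
import os

from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

BLOCK = 16  # AES block size and IV size in bytes


def ctr_xor(key: bytes, iv: bytes, data: bytes, offset: int = 0) -> bytes:
    """Encrypt or decrypt `data` located at byte `offset` of the file."""
    blocks, skip = divmod(offset, BLOCK)
    # Treat the IV as a 128-bit big-endian counter and advance it by the
    # number of whole blocks that precede `offset` (wrapping at 2**128).
    counter = (int.from_bytes(iv, "big") + blocks) % (1 << 128)
    ctx = Cipher(algorithms.AES(key), modes.CTR(counter.to_bytes(BLOCK, "big"))).encryptor()
    ctx.update(b"\x00" * skip)  # burn keystream when offset is mid-block
    return ctx.update(data) + ctx.finalize()


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> tuple[bytes, bytes]:
    """Return ([16B IV][ciphertext], HMAC-SHA256 tag over that blob)."""
    iv = os.urandom(BLOCK)  # fresh per file; never reuse with the same key
    blob = iv + ctr_xor(enc_key, iv, plaintext)
    # Assumption: the MAC key is distinct from the encryption key.
    return blob, hmac.new(mac_key, blob, hashlib.sha256).digest()


def open_sealed(enc_key: bytes, mac_key: bytes, blob: bytes, tag: bytes) -> bytes:
    """Check the tag in constant time before touching the ciphertext."""
    expected = hmac.new(mac_key, blob, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("HMAC mismatch: IV or ciphertext was modified")
    return ctr_xor(enc_key, blob[:BLOCK], blob[BLOCK:])


if __name__ == "__main__":
    enc_key, mac_key = os.urandom(32), os.urandom(32)  # constructed sample keys
    data = os.urandom(1000)                            # constructed sample file
    blob, tag = seal(enc_key, mac_key, data)
    iv, ct = blob[:BLOCK], blob[BLOCK:]
    # Decrypt bytes 700..709 without processing the first 700 bytes.
    assert ctr_xor(enc_key, iv, ct[700:710], 700) == data[700:710]
    assert open_sealed(enc_key, mac_key, blob, tag) == data
```

Because each part only needs the key, the IV and its byte offset, multipart chunks can be encrypted in any order; the offsets must be exact, since two parts encrypted at overlapping counter positions would share keystream.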
Key Hierarchy
```
Master Key (256-bit, env variable)
└── AES-256-GCM wraps Per-User Key
    └── AES-256-CTR encrypts File Content
        └── HMAC-SHA256 over IV + Ciphertext
```
- Master key — never leaves the server environment variable
- Per-user key — 256-bit, unique per user, stored encrypted in PostgreSQL
- Per-file IV — 128-bit random, stored in S3 object body
Encryption in Transit
All network communication uses TLS 1.2+ (enforced by Render's HTTPS proxy and Wasabi's endpoints):
- Browser ↔ Lenzeye server: HTTPS
- Lenzeye server ↔ Wasabi S3: HTTPS
- Presigned URL PUT requests (browser ↔ S3 direct): HTTPS
Industry Comparison
| Standard | Key Size | Mode | Used By |
|---|---|---|---|
| Lenzeye | AES-256 | CTR | Lenzeye |
| AWS S3 SSE | AES-256 | GCM | Amazon |
| Signal | AES-256 | CBC+CTR | Signal |
| TLS 1.3 | AES-256 | GCM | Entire internet |
| | AES-256 | CBC | Meta |

Lenzeye uses the same key size as all major providers. CTR mode combined with HMAC-SHA256 over the IV and ciphertext provides both confidentiality and integrity, and is equivalent in security strength to GCM mode.