43SecAI

Dynamic Client-Side Encryption System with AI-Generated Algorithms

43SecAI is a TLS/SSL-independent application-layer encryption system that encrypts HTTP POST bodies inside the browser before they leave the client. Encryption algorithms are automatically generated by a fine-tuned language model (Qwen2.5-Coder-1.5B) and rotated every 30 minutes. The system supports any backend language (PHP, Python, Node.js, Ruby, .NET, Go) and is deployed as a standalone reverse proxy.

This project was developed as a joint graduation thesis by Eren Can Ozmen and Meryem Dalgali.

---

Motivation

Modern web applications rely almost entirely on TLS/SSL for data-in-transit security. TLS, however, operates at the transport layer and does not protect against:

1. Compromised TLS termination points (e.g. CDN, load balancer, or reverse proxy) where plaintext reaches the backend.
2. Client-side attacks (man-in-the-browser, malicious browser extensions) that can read the request body.
3. Server-side logging that may write the plaintext body to log files.

43SecAI starts where TLS ends. It provides an additional encryption layer at the application level - and this layer is dynamic: encryption algorithms are not fixed but generated by an AI and rotated continuously. This applies the Moving Target Defense (MTD) principle at the cryptographic algorithm level: an intercepted ciphertext becomes invalid at the next rotation boundary.

---

Architecture

              [AI Server - single central host]
              Python + Flask
              Qwen2.5-Coder-1.5B (LoRA fine-tuned)
              Port 8000
                       |
                       | HTTP polling (every web server checks every 1 min)
                       |
       +---------------+---------------+
       |               |               |
[43sec-agent]   [43sec-agent]   [43sec-agent]
 Reverse Proxy   Reverse Proxy   Reverse Proxy
 Port 3000       Port 3000       Port 3000
       |               |               |
       v               v               v
[PHP Backend]  [Python Flask]   [Node.js Express]

The system has two components:

Component	Responsibility	Language	Deployment
ai_server	Encryption algorithm generation, rotation	Python	Single central host
43sec-agent	Reverse proxy, decryption, replay protection	Node.js (binary)	In front of every web server

The client-side JavaScript libraries (43sec_client.js and validator.js) are automatically served and auto-injected into HTML responses by the agent. No backend code changes are required.

---

Quick Start

Step 1: AI Server (one central host)

git clone https://github.com/<USERNAME>/43SecAI.git
cd 43SecAI/ai_server

python3 -m venv venv
source venv/bin/activate           # Windows: venv\Scripts\activate
pip install -r requirements.txt

python ai_server.py

Expected output:

[43SecAI] AI Server starting...
[43SecAI] URL    : http://127.0.0.1:8000
[43SecAI] Admin Token: <random_token>

Save the admin credentials shown in the console.

Step 2: 43sec-agent (every web server)

Three deployment methods:

A) Standalone binary (Linux):

curl -fsSL https://raw.githubusercontent.com/<USERNAME>/43SecAI/main/43sec-agent/install.sh | bash

43sec-agent \
  --ai http://AI_SERVER_IP:8000 \
  --target http://localhost:8080 \
  --bind 127.0.0.1 \
  --port 3000

B) Standalone binary (Windows):

iwr -useb https://raw.githubusercontent.com/<USERNAME>/43SecAI/main/43sec-agent/install.ps1 | iex

43sec-agent --ai http://AI_SERVER_IP:8000 --target http://localhost:8080 --port 3000

C) From source:

cd 43sec-agent
npm install
node agent.js --ai http://AI_SERVER_IP:8000 --target http://localhost:8080

Parameters:

• --ai - Address of the AI server
• --target - Address of your existing web application (any language)
• --port - Port the agent listens on (users connect here)
• --bind - Bind address (production: 127.0.0.1)

Step 3: Your Web Application

No changes required. The agent automatically intercepts HTML responses and injects the required scripts.

That's it. Just run the agent with --target pointing to your existing app.

---

How It Works

1. The browser requests an HTML page; the agent intercepts the response and injects <script src="/43sec_client.js"></script> and <script src="/validator.js"></script> before </head>.
2. When the user submits a form (POST/PUT/PATCH), the validator scans the request body for SQL injection, XSS, command injection, and path traversal patterns. If detected, the request is blocked client-side.
3. Clean requests are passed to 43sec_client.js, which wraps the body with a nonce and timestamp, then encrypts it with the current AI-generated algorithm.
4. The agent decrypts the request inside a vm.Script sandbox, validates the nonce against the replay registry, and forwards the plaintext body to the backend.
5. The backend processes the request normally - it has no knowledge of the encryption layer.

Every 30 minutes the AI server generates a new algorithm pair. The previous algorithm remains valid for 5 more minutes (transition window). Requests carrying an expired algorithm ID receive HTTP 409 ALGO_EXPIRED, which the client automatically handles by fetching the new algorithm and retrying.

---

Testing

To verify the deployment:

node test_e2e.js

Expected output:

T1 Valid encrypted login        -> 200 PASS
T2 Replay attack                -> 429 PASS
T3 Expired algo ID              -> 409 PASS
T4 Unencrypted POST             -> 400 PASS
T5 100 request throughput       -> 100/100, ~658 req/s

---

Performance

Metric	Value
Throughput	658 requests/second
Average latency (1 KB)	4.7 ms
Total time for 100 requests	152 ms

---

Model Details

Parameter	Value
Base model	Qwen2.5-Coder-1.5B-Instruct
Fine-tuning	LoRA (r=32, alpha=64)
Training dataset	50,000 JS encrypt/decrypt pairs
Epochs	3
Final loss	0.0990
Roundtrip success rate	99.2%

The model file (approximately 3 GB) is not included in this repository. It must be downloaded from a separate distribution channel. The system also works in fallback mode without the model.

---

Security Features

• Dynamic algorithm rotation (every 30 minutes)
• 48-bit key space (~281 trillion values, brute force practically impossible)
• Replay protection with nonce + timestamp (90-second sliding window)
• Algorithm transition window (5-minute TTL) - seamless user sessions
• Fail-secure: unencrypted requests return HTTP 400, AI server down returns HTTP 503
• Isolated vm.Script sandbox for decryption (2-second execution timeout)
• Persistent nonce store on disk (replay protection survives restarts)
• Admin endpoint protection (token-based /rotate)
• Client-side validator (blocks SQL injection, XSS, path traversal, command injection)
• HTML auto-injection - zero backend code changes required

Key Strength Comparison

Parameter	Value
Key space	10,000 to 2^48 (approximately 281 trillion values)
Estimated brute-force time	~12.8 years @ 700K attempts/second
Key generation	secrets.randbelow(2**48 - 10000) + 10000 (cryptographic PRNG)

---

Limitations

This system is a research prototype. The following items are listed as known limitations and future work for production deployment:

1. Encryption key exposed to client - /43sec/algorithm sends the key to the browser. Mitigation: layered TLS use. Solution: per-session ECDH key exchange (planned).
2. Fallback algorithm cryptographically weak - XOR fallback used when the AI model is unavailable. Mitigation: AI-generated algorithms are the primary mode. Solution: switch to AES-GCM (planned).
3. AI server is a single point of failure - If it goes down, rotation stops. Solution: high-availability replication (planned).
4. JavaScript-only encryption - decryptFn requires Node.js. Solution: multi-language decryption generation (planned).

---

Contributors

• Eren Can Ozmen
• Meryem Dalgali

See CONTRIBUTORS.md for details.

---

License

MIT License - see LICENSE.

Copyright (c) 2026 Eren Can Ozmen, Meryem Dalgali