in reply to
Encrypt files on server and then decrypt when user downloads
If you want any sort of real encryption security, use GPG. But, if you are willing to use a laxer bit of security, you might try experimenting with html keys auth. See client ssl certs.
And this isn't Perl, but if you look at Processing.js you can write some easy code to embed your own java decrypter application that would be able to decrypt what comes in and display it in it's own canvas window id of the DOM.
But to explain that is too complicated to do in a forum like this. If you can figure it out, good, but otherwise don't
ask me how. :-)