Secure Vault is a robust application designed to securely store and manage sensitive files in an encrypted vault. The vault ensures strong protection against unauthorized access, even if the underlying storage medium is compromised.
- Vault Creation: Users can create a secure vault protected by a password.
- File Management:
- Add files to the vault with automatic encryption.
- View a list of stored files (metadata only).
- Remove or extract files with decryption.
- Vault Locking and Unlocking: Lock the vault to prevent unauthorized access and unlock it with the correct password.
- File and Vault Integrity Checking: Detect tampering using SHA-256 hashes.
- Strong Encryption: AES-256 in CTR mode for encrypting file content.
- Secure Key Derivation: Argon2 is used for deriving encryption keys from user passwords with a random salt.
- Data Integrity: SHA-256 ensures file and vault integrity.
- Password Security: Passwords are never stored.
The vault file consists of:
- Vault Metadata: Vault-specific details like creation time and salt.
- File Metadata [Encrypted]: Details about stored files, such as names, offsets, and hashes.
- Files [Encrypted]: File content stored in a contiguous encrypted format.
- Integrity Hash: A SHA-256 hash of the entire vault to ensure its integrity.
- Go 1.21.4 or later installed.
- Clone the repository:
git clone https://github.com/your-repo/secure-vault.git cd secure-vault - Install dependencies (if applicable):
go mod tidy
- Run the application:
go run . - Follow the UI prompts to create and manage your secure vault.
This project is open-source and released under the MIT License.