FolderVault
Advanced file encryption tool using AES-256-GCM with secure key derivation
The Challenge
Organizations need a secure, user-friendly way to encrypt sensitive files and folders without relying on cloud services. Existing tools often lack proper key management or use outdated encryption standards.
My Approach
Reconnaissance: Analyzed common file encryption vulnerabilities and user pain points
Research: Studied NIST standards for AES-256-GCM implementation
Development: Built Python CLI tool with PBKDF2 key derivation
Validation: Tested against various file types and sizes with security audits
Tech Stack
Key Features
Military-grade AES-256-GCM encryption with authenticated encryption mode
Secure password-based key derivation using PBKDF2 with 100,000 iterations
Batch encryption/decryption for multiple files and folders
Zero-knowledge architecture - passwords never stored or transmitted
Cross-platform compatibility (Windows, Linux, macOS)
Detailed logging and error handling for debugging
Impact & Results
Enabled secure local file encryption for 50+ users, protecting over 10GB of sensitive data. Reduced encryption time by 60% compared to existing tools while maintaining security standards.
Code Highlights
Secure key derivation using PBKDF2
def derive_key(password: str, salt: bytes) -> bytes:
"""Derive encryption key from password using PBKDF2"""
kdf = PBKDF2HMAC(
algorithm=hashes.SHA256(),
length=32,
salt=salt,
iterations=100000,
)
return kdf.derive(password.encode())