Exploring hardware-authenticated file encryption in Python
1 points
1 hour ago
| 0 comments
| HN
I’ve been experimenting with a way to encrypt files where the encryption keys never touch the host machine and are stored exclusively on a physical USB device. Files are encrypted using AES-256-GCM, and without the USB key they become permanently inaccessible.

I’m interested in feedback on the overall design and any obvious mistakes in the approach.

For reference, there’s a small open-source example implementation here: https://github.com/Lif28/Aegis — it’s experimental and educational, not production-ready

No one has commented on this post.