A secure file encryption and storage solution built with C#, emphasizing security, performance, and memory safety.
Note
This project has a separate UI project that includes a user-friendly interface for easier interaction. Please check out the UI project for enhanced features. Click Me To Access UI Project
-
Two-Layer Encryption:
- Key Hierarchy: Encrypted with a user-specific public master key (which is an AES-256 key derived via PBKDF2 with SHA2-256, Then this result is further encrypted with a system security key (also AES-256, derived via the same PBKDF2 process))
-
AES-GCM Encryption:
- Algorithm: Implements AES-256 in Galois/Counter Mode (GCM) for authenticated encryption with associated data (AEAD).
- Properties: AES-GCM with a 256-bit key for encryption. Uses a 16-byte (128-bit) authentication tag per block.
- Nonce Management: Derives unique nonces per block using an HKDF-based construction (HMACSHA2_256).
-
Secure Cryptography:
RFC 2898key derivation with SHA2-256 for system security keys
-
Secure Stream Processing:
- Processes files in configurable-sized chunks to support large files
- Implements per-block nonce derivation for stronger security
Important
Linux-Specific Optimizations:
- Persist: Uses
fsyncsyscalls - I/O Priority Control: Uses
ioprio_setsyscalls - Kernel Hints: Implements
posix_fadvisewithPOSIX_FADV_SEQUENTIAL - Memory Management: Uses
POSIX_FADV_DONTNEED
Important
Windows-Specific Optimizations:
- Direct Buffer Flushing: Uses Windows-native
FlushFileBuffersAPI
Important
Macos-Specific Optimizations:
- File Full Sync Uses Macos
ffullsyncsyscalls
Should you encounter any issues, please submit a new issue on the project repository, including a detailed description of your environment (e.g., operating system, version, hardware), the problem, steps to reproduce, and any relevant logs or error messages.