Exploring hardware-authenticated file encryption in Python
I’ve been experimenting with a way to encrypt files where the encryption keys never touch the host machine and are stored exclusively on a physical USB device. Files are encrypted using AES-256-GCM, and without the USB key they become permanently inaccessible.
I’m interested in feedback on the overall design and any obvious mistakes in the approach.
For reference, there’s a small open-source example implementation here: https://github.com/Lif28/Aegis — it’s experimental and educational, not production-ready
No comments yet.