Robust Encryption, Key Rotation, and Secure File Shredding Framework
KeyCrypt Shield is a comprehensive file-level encryption system that combines Elliptic Curve Integrated Encryption Scheme (ECIES), AES-GCM symmetric encryption, automated key rotation, and secure file shredding. This system is built to provide scalable, high-performance, and forward-secure data protection.
- π ECIES for secure asymmetric key exchange
- π‘οΈ AES-GCM for authenticated encryption with confidentiality & integrity
- π Automated Key Rotation every 30 days via KeyManager
- 𧨠Secure Shredding of original files post-encryption
- π Performance benchmarking against traditional algorithms (RSA)
- π Lightweight & memory-efficient design with Python
- π Suitable for cloud, IoT, and enterprise deployments
- Key Exchange: ECIES using SECP256R1 + Diffie-Hellman
- Symmetric Key Derivation: HKDF with SHA-256
- Encryption: AES-GCM with IV and tag
- Shredding: Multi-pass file overwrite + deletion
Fig: High-Level Encryption Workflow
| File | Description |
|---|---|
KeyCrypt_Shield.ipynb |
Jupyter notebook with full implementation |
cipher.txt |
Output of encrypted file |
decrypted.txt |
Output after decryption |
example.txt |
Sample input text |
encryption_flow.jpg |
Visual diagram of ECIES + Key Rotation flow |
Workflow_Diagram.jpg |
System architecture and secure deletion diagram |
performance_plot.png |
Benchmark results (ECIES vs RSA) |
image.png |
Project visual (for documentation use) |
README.md |
This file |
| Metric | RSA (2048-bit) | ECIES + AES-GCM |
|---|---|---|
| Encryption Time | 45β60 ms | 12β18 ms |
| Decryption Time | 35β50 ms | 10β15 ms |
| Memory Usage | 10 MB | 6 MB |
| Throughput | 8 files/sec | 18β25 files/sec |
| Ciphertext Size | Large | Compact |
| Key Rotation | Manual | Automated |
| File Deletion | Not Included | Secure Shredding |
- Ephemeral keys for forward secrecy
- AES-GCM ensures authentication and integrity
- Periodic key expiry limits exposure
- Secure file overwrite prevents data recovery
- Defense against MITM, brute-force, and replay attacks
- Python 3.7+
cryptographypackageos,json,time,secrets,matplotlib(for plotting)
Install dependencies:
pip install cryptography matplotlib- β‘ Fast performance: Encryption-decryption of small files completes in under 1 second
- 𧨠Low overhead: Secure shredding introduces minimal performance impact
- π¦ Scalable: Efficient processing even with large batches of files
- β Accuracy: Decrypted output matches the original message
- π Financial Security: Secure banking and transactional data
- π₯ Healthcare: Protection of Electronic Medical Records (EMRs)
- βοΈ Cloud & IoT: Lightweight, high-security encryption for distributed systems
- π‘οΈ Government & Defense: Robust protection for classified and sensitive documents
- π Post-quantum cryptographic upgrades
- βοΈ Blockchain-based audit trails for transparency
- π€ AI-powered anomaly detection in key usage
- π₯ Role-based access control for multi-user environments
- βοΈ Optimization for IoT and cloud ecosystems
Made with π» by Pranay Sharma
π§ pranay.sharma2022@vitstudent.ac.in