/AES_256-Python

An AES-256 file encryption tool written in Python 3

Primary LanguagePythonGNU General Public License v3.0GPL-3.0

AES_256-Python

A file encryption tool written in Python 3 using AES-256, Scrypt and SHA3-512 algorithms.

AES-Python encrypts|decrypts a file or every files in a folder (even files in subfolders).

Requirements

Run pip3 install -r requirements.txt

Usage

AES_256-Python uses the shred command (native on most Linux, brew install coreutils for macOS).

Run python3 AES.py -f [path of the file or folder] -e|d [e for encrypt | d for decrypt]

and follow instructions on the terminal.

Explanation

  1. The AES key is generated by the Scrypt key derivation algorithm using the password and a random 32 bytes salt.
  2. The password is hashed using SHA3-512 with the same salt than the AES-256 key.
  3. Salt, hashed password and the initialisation vector are stored at the beginning of the new encrypted file.
  4. Data of the plain file is encrypted through a 65kb buffer and stored into the new encrypted file.
  5. The plain file is shredded and removed.

Example

Plain text: Hello, I'm a test for Gaëtan Serré's Python-AES repository.

Encrypted text with the password 'azerty' (hexadecimal): 0x66a7e11a394ecb29d9ab3b92110888118498e766eee47b620aed6e04de5a8ab97cd0a2d15b1ba9b2b5961cac8100aacb7c332770626729465f0f1b1783b63d15cad916de5cf63c35a88cbade36979d9e5dd0cb18cbd4952f188e4cba0277b726bc39df2df8bcba2af9bc3ab9118b7de06fc10c5187f3dd8d8616937bf092bd813a8e13b2b18eb442a10b2f11e96d47906559b6698ef8c405dca922d97d3e1610e14d0627c8ab7ebcd765a87f4d

  • The 32 first bytes are the salt used in the SHA3-512 hashing and in the Scrypt's derivation key.
  • The next 16 bytes are the initialisation vector for AES-256.
  • The next 64 bytes are the hashed password.
  • The other bytes are the encrypted data.

Documentation

Warning

Please save your password carefully. You will not be able to retrieve your data otherwise.