Secure Vault
AES-128 GCM encrypted password manager
An authenticated encryption password manager built from cryptographic primitives. AES-128 GCM for confidentiality and integrity in one pass. scrypt key derivation resistant to GPU brute-force. SHA-256 hashed vault filenames so no plaintext usernames touch disk. 27-case test suite covering tamper detection, multi-user isolation, and wrong-password rejection.
What it is
Secure Vault is a password manager built from cryptographic primitives to understand how credential encryption works at the implementation level. Users create a master-password-protected vault, then add, retrieve, update, and delete credentials. Each vault is encrypted with AES-128 in GCM mode — confidentiality and integrity in a single pass — and the encryption key is derived from the master password via scrypt, a memory-hard KDF resistant to GPU/ASIC brute-force. Usernames are SHA-256 hashed to prevent plaintext exposure on disk.
By the numbers
| Metric | Value |
|---|---|
| Encryption | AES-128 GCM (authenticated encryption) |
| Key derivation | scrypt (N=2^14, r=8, p=1) |
| Test cases | 27 across 8 categories |
| Attack vectors covered | 5 (wrong key, corrupted ciphertext, cross-user isolation, unicode, large data) |
| Password entropy | 16-char random from 62-char alphabet (~95 bits) |
| Integrity verification | GCM auth tag + magic string canary |
Architecture
Master Password
|
v
scrypt KDF (N=2^14, r=8, p=1)
|
v
128-bit AES Key
|
v
AES-128 GCM Encrypt <-- random nonce per save
|
v
Ciphertext + Nonce + Auth Tag
|
v
Base64 -> JSON Vault File
Username --SHA-256--> Filename on Disk
Key features
- AES-128 GCM authenticated encryption — Random nonce generated per encryption operation. GCM provides confidentiality and integrity in a single pass; any tampering with the ciphertext is detected via the authentication tag.
- scrypt key derivation — Memory-hard parameters (N=2^14, r=8, p=1) resist GPU/ASIC brute-force. Derives a 128-bit AES key from the master password.
- SHA-256 hashed usernames — Each user's vault is stored under a hashed filename. No plaintext username exposure on disk.
- Magic string canary — A known plaintext string is encrypted alongside the vault data. Successful decryption of the canary confirms the correct master password before any credential is surfaced.
- 16-character random password generator — 62-character alphabet (A-Z, a-z, 0-9) yields ~95 bits of entropy per generated password.
- 27-case test suite — Covers key derivation determinism, round-trip encryption, tamper detection (wrong key, corrupted ciphertext), multi-user vault isolation, and edge cases (empty data, unicode, large entries).
What makes it stand out
- Built from primitives, not a wrapper. Master password to ciphertext is handled end-to-end — KDF, nonce, auth tag, serialization — without delegating to a higher-level password-manager library.
- Authenticated encryption end-to-end. GCM auth tag plus magic-string canary means a wrong key, corrupted ciphertext, or tampered vault all fail closed rather than returning garbage plaintext.
- Test suite as spec. 27 cases across 8 categories pin down the security contract: determinism, isolation, tamper rejection, unicode, large entries.
Stack
| Layer | Technology |
|---|---|
| Language | Python 3.11+ |
| Cryptography | PyCryptodome (AES-GCM, scrypt, random bytes) |
| Hashing | hashlib (SHA-256) |
| Serialization | JSON, Base64 |
| Testing | unittest |