On github, I created a "File Cloaking Utility" (https://github.com/texadactyl/cloaking) that provides password-based security for a single file or a single file system archive file. The utility is probably most useful in the following situations:
- Storing backups of sensitive information on the Internet
- Transporting sensitive information electronically (E.g. email) or manually (E.g. using a flash drive)
This project is already proven running on an Intel/AMD environment (Biostar Celeron CPU motherboard) and the Raspberry Pi 2 (ARM 32-bit processor). I must confess that the choice of C or C++ brought incompatibility nuisances across CPU architectures - all solved - but underscores the reasons why folks have adopted higher-level languages or, at least, to a language which abstracts data physical sizes more efficiently.
In terms of development, this project is based on libgcrypt (GnuPG cryptographic library), using:
- Password-based Key Derivation Function version 2 (PBKDF2)
- AES data cryptography in Cipher-Block Chaining (CBC) mode
- Hash-based Message Authentication Code (HMAC) function SHA512
Reference: https://gnupg.org/documentation/manuals/gcrypt/
Project subfolders:
- src - C-language source code and a Makefile
- bin - Upon completion of the `make` utility, this folder holds the `cloak` and `uncloak` executables.
- docs - project documentation (admittedly, skimpy)
- data - project example data files
The starting point with this project is in the docs/operations.txt file. Also, the same note contains commands for cloaking the sample cleartext data and uncloaking the ciphertext.
Missing: a GUI interface. Maybe I'll get around to it someday or a reader would like to contribute one which can front-end C-language executables.
Feel free to contact me for inquiries and issues, especially if you find any bugs. I'll respond as soon as I can.