FuseCrypt combines industry-standard cryptographic algorithms to encrypt sensitive data. It also offers end-to-end encrypted communication, allowing users to securely communicate on a local network.
Key Features and Security Measures:
1. Advanced Cryptography: Utilizes ThreeFish, RSA 2048-4096, AES 256 GCM,/CBC, Serpent, Camellia, Chacha20poly1305, PBKDF2, ECDH P-521 and ECDSA 521.
2. Hardware-Based Authentication: Requires Yubikey for decryption, enhancing security by protecting cryptographic keys with robust hardware-based authentication.
3. Secure Data Handling: It takes unique approach to secure data handling by storing each sensitive content in its own separate file with an associated encrypted key. The encrypted data also encrypted by Windows EFS (Encrypting File System) with read-only attribute. The dual-layer encryption enhances confidentiality and integrity of the data at rest while reducing potential breach by compartmentalizing sensitive information.
4. Local Network Encryption: Enables end-to-end encrypted communication within local networks, ensuring confidentiality and data integrity during exchanges.
5. Data Backup and Confidentiality: Allows for exporting encrypted data as a backup precaution and importing it into any FuseCrypt application.
6. Memory Protection: Each note is safeguarded using the .NET SecureString class.
*** Instructions ***
1. Yubikey 5+ series or YubiKey 5 FIPS series type, you can order at https://www.yubico.com/products/ if you don't have one.
2. Insert yubikey on your computer
3. Download the Yubikey Authenticator app at https://www.yubico.com/products/yubico-authenticator
4. Once the app is installed, navigate to Certificates -> Key Management then click on Generate Key. Follow the setup process, then select either RSA 2048, RSA 3072, or RSA 4096 for algorithm, and select either public key or certificate-based type.
5. Install this app on your computer, it will automatically detect YubiKey on USB slot.
*** Warnings ***
1. The program will use RSA key pair on your yubikey device so overwriting the keypair on key management slot or factory reset will destroy the decryption key.
2. If your PIN is locked, it needs to be unlocked with (PUK) PIN. This is the last part, if you forgot it, the last option is factory reset which will destroy the decryption key.
3. Without decryption keys, it will no longer possible to decrypt the secrets.