SecureStorage is a library that provides effective encryption to the apps that use it, making the data generated by it inaccessible and inviolable. Any application creates a large quantity of data; some of it serves just as a warning, while others are essential to the application's operation and users, and some of it, if interfered with, can allow the application and its content to be hacked.


Keywords
Secure, applications, data, encrypted, encryption, security, storage
License
Other
Install
Install-Package SecureStorage -Version 1.24.3.14

Documentation

Secure Storage

The need and desire to secure personal information is something that everyone around the world has shared in recent times, from businesses to governments to military structures. Data security is critical whether data is being stored, sent, or delivered. Data breaches, hacking, and lost or stolen devices can have catastrophic financial and reputational costs. The need for a library to protect data generated and handled by applications arose from a desire to protect not only public structures, but also individual citizens, who are even more at risk if their freedom of expression, gender, religion, and any data relating to their person and loved ones is not protected.

Any application that does not secure the data it generates and manages risks revealing sensitive information that can be used to profile users, that scammers can use to devise scams, and that hackers can use to pirate programs. The information created by applications can easily be gathered and marketed on the dark web.

SecureStorage is a library that provides effective encryption to the apps that use it, making the data generated by it inaccessible and inviolable.

Any application creates a large quantity of data; some of it serves just as a warning, while others are essential to the application's operation and users, and some of it, if interfered with, can allow the application and its content to be hacked.

To protect yourself from malicious hackers and organizational data breaches, encrypt all data generated by the application and prevent it from being saved in a way that may be read externally. In the case that unwanted access is permitted to a computer network or storage device, other apps on the same device, or system applications designed with fraudulent purpose by the device's maker, encryption provides an extra level of protection. The hacker will be unable to access the application data encrypted through SecureStorage.

What are the functions of the library

The library offers 2 types of functions: saving objects and saving values. Objects are nothing more than instances of a class, which can have different properties or sub-objects; by means of this library they are saved and frozen in encrypted form so that they can be retrieved later. This feature allows many applications to save their internal working state safely and recover it after a reboot. Practical examples include saving contacts, items for sale, announcements, encryption keys, personal and sensitive data, and anything else that can be represented with a class and that you want to make secure and inaccessible. Internally, saving takes place first by serializing the objects, then by encrypting the result, and finally by securely saving the data on the internal archiving system.

The second type of saving allows you to save the value of text, numeric, boolean, and DateTime variables in an encrypted and permanent way. Each of these variables is assigned a key, by which it can be recalled even after the application restarts.

Data is secured by encryption, which can be strengthened by passing the hardware functions for saving keys and values when the library is initialized.

It often happens that applications, although they work in a very secure way, can be violated by modifying the data they generate and manage. This is not possible if the developers use this library.
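The save pipeline described above (serialize, encrypt, store) and the point about modified data, sketched as an added example that is not SecureStorage's own code or API. It assumes .NET 8 or later, JSON serialization and AES-256-GCM (the page does not state which mode the library uses); `SealedFile`, `Contact` and the file layout are hypothetical names chosen for illustration.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;

// Constructed sample data; in practice the key comes from a protected key store.
byte[] key = RandomNumberGenerator.GetBytes(32);            // 256-bit AES key
string path = Path.Combine(Path.GetTempPath(), "contact.bin");

SealedFile.Save(path, "contact", new Contact("Alice", "+00 000 0000"), key);
Console.WriteLine(SealedFile.Load<Contact>(path, "contact", key));

// Flip one stored bit: decryption must fail instead of returning altered data.
byte[] blob = File.ReadAllBytes(path);
blob[^1] ^= 0x01;
File.WriteAllBytes(path, blob);
try { SealedFile.Load<Contact>(path, "contact", key); }
catch (CryptographicException) { Console.WriteLine("tampering detected"); }

record Contact(string Name, string Phone);
static class SealedFile
{
    const int NonceLen = 12, TagLen = 16;
    // serialize -> encrypt -> save; file layout: nonce || tag || ciphertext
    public static void Save<T>(string path, string name, T value, byte[] key)
    {
        byte[] plain = JsonSerializer.SerializeToUtf8Bytes(value);
        byte[] nonce = RandomNumberGenerator.GetBytes(NonceLen); // fresh per write
        byte[] cipher = new byte[plain.Length], tag = new byte[TagLen];
        using var aes = new AesGcm(key, TagLen);
        // Binding the entry name as associated data stops one record being swapped for another.
        aes.Encrypt(nonce, plain, cipher, tag, Encoding.UTF8.GetBytes(name));
        using var fs = File.Create(path);
        fs.Write(nonce); fs.Write(tag); fs.Write(cipher);
    }

    public static T Load<T>(string path, string name, byte[] key)
    {
        byte[] blob = File.ReadAllBytes(path);
        byte[] nonce = blob[..NonceLen], tag = blob[NonceLen..(NonceLen + TagLen)];
        byte[] cipher = blob[(NonceLen + TagLen)..];
        byte[] plain = new byte[cipher.Length];
        using var aes = new AesGcm(key, TagLen);
        aes.Decrypt(nonce, cipher, tag, plain, Encoding.UTF8.GetBytes(name)); // throws on mismatch
        return JsonSerializer.Deserialize<T>(plain)!;
    }
}
```

Modification is detected only because the mode is authenticated; an unauthenticated mode such as plain AES-CBC would decrypt the altered file without raising an error.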

What is encryption?

Simply said, encryption transforms data entered into a digital device into gibberish-like pieces. The encrypted data becomes more unreadable and indecipherable as the encryption technique becomes more complex. Decryption, on the other hand, restores the encrypted data to its original state, making it readable again. Unencrypted data is referred to as normal data, and encrypted data is referred to as encrypted data.

Software vs Hardware encryption

Software encryption encrypts data on a logical disk using a number of software packages. A unique key is created and saved in the computer's memory when a drive is encrypted for the first time. A user passcode is used to encrypt the key. When a user enters the passcode, the key is unlocked, allowing access to the drive's unencrypted data. The drive also stores a copy of the key. When data is written to the drive, it is encrypted using the key before it is physically committed to the disk; software encryption acts as an intermediary between the application and the data read from or written to the device. Data read from the drive is decrypted using the same key before being handed to the software.

Hardware-level encryption is possible on some devices: hardware-based encryption is used in Self-Encrypting Drives (SEDs), which take a more comprehensive approach to encrypting user data. SEDs include an AES encryption chip that encrypts data before it is written to NAND media and decrypts it before it is read. Hardware encryption takes place between the operating system loaded on the drive and the system BIOS. An encryption key is generated and stored on NAND flash memory when the drive is encrypted for the first time. A custom BIOS is loaded when the system is first booted, prompting for a user password. Once the password is entered, the contents of the drive are decrypted and access to the operating system and user data is provided.

Self-encrypting drives also encrypt and decrypt data on the fly, with the built-in cryptographic chip encrypting and decrypting data before it is written to NAND flash memory. Because the encryption procedure does not use the host CPU, the performance penalty associated with software encryption is reduced. The encryption key is typically placed in the SSD's built-in memory at system startup, which complicates recovery and makes it less vulnerable to low-level attacks. This hardware-based encryption solution provides strong data security in the event that the device is lost, cannot be disabled, and has no performance impact. However, it is a type of low-level encryption that is completely transparent to the device that uses these storage units, as well as to all software programs that run on the device. As a result, this type of encryption does not protect the data of individual applications and users from other resident programs that can see all of the data stored in clear text.

SecureStorage provides an additional layer of security for individuals who utilize primary hardware encrypted devices, rendering the data unreadable outside of the single program that created and is using it.

The Advanced Encryption Standard (AES) is a cryptographic technique that is based on the Rijndael family of algorithms. It is now one of the most widely used encryption and decryption techniques. Vincent Rijmen and Joan Daemen created the Rijndael algorithm, which is a block cipher. It's a symmetric-key algorithm, which means it encrypts and decrypts data with the same key. As a consequence of the NIST Advanced Encryption Standard competition, the Rijndael algorithm was chosen as the Advanced Encryption Standard and the successor to the Data Encryption Standard (DES). The competition was held in order to produce a new cryptographic standard as a replacement for the obsolete DES. Because of the modernization of computer technologies, the Data Encryption Standard's key length (56 bits) was insecure at the time. The Rijndael family of functions is represented by three algorithms in the AES standard. They have varying key lengths of 128, 192, and 256 bits, but they all use the same 128-bit block length. More variations of encryption algorithms, cyphers, and other cryptographic functions are included in the Rijndael family of hashing functions than in AES. The Advanced Encryption Standard was designed to work equally well in software and hardware implementations. This was made possible by the substitution–permutation network design. This network design is similar to the Feistel network, which was utilized in DES, but it is faster to compute on both hardware and software, which was critical given DES's software implementation inefficiency.

Our cryptography is the same as that used in Bitcoin, which has been put to the test by hackers all around the world without ever being broken: Breaking this form of cryptography would give you access to coins stored in wallets, which no one has ever done before.

The Advanced Encryption Algorithm (AES256) is an AES algorithm with a key length of 256 bits. The computational difficulty of the decryption is affected by the length of the AES version. The key recovery for AES 256-encrypted data requires more computational power than the 128 and 192-bit variants. The biclique attack, for example, can decrypt AES128 with a computational complexity of 2^126. The computational complexity of biclique attacks on AES 192 and AES 256 are 2^189.9 and 2^254.3, respectively. However, for every key length, real execution of the attacks on the AES-protected data is currently impractical. All of the AES attacks are hypothetical. Every known AES attack would take millions of years to complete, regardless of the algorithm's key length.

Here you will find an overview of all supported features

The reason this project was built with dotnet is that it is an open source development environment, and effective security is achieved only by being able to inspect all parts of the code, including the development framework.

Our target is very Linux oriented, and the partnership between Microsoft and Canonical ensures the highest standard of security and reliability.