I wrote a python program that runs in background and keeps checking for new usb pendrives after intervals . This pendrive also has a private key thats the programs checks and verifies with its public key . If it matches you decrypt the files that you have . The files uses AES encryption . You cant decrypt the files without the proper pendrive . Here how it works .
- The program has a mode where you can run it with a argument “ — setup” . In this mode the program will generate private and public keys . It will store the public keys in your computer and private keys in the pendrive . It also generates a hash of the private key and encrypts the hash and stores it in a file called encrypted.acr in the pendrive . This hash is the key used in AES encryption .
- When you encrypt a file it will check if the pendrive is the pendrive and if the keys match . It checks if the keys match by randomly generating a string encrypting it with public key and decrypting it with the key found in pendrive .If the decrypted key matches with the generated random string it decrypts the key found in encrypted.acr and uses that key along with AES to encrypt a file that you want to encrypt
- While decrypting it uses the same method to check if the keys match . You can also use batch decryption . You can make a text file and name it as “files.txt” . If you have a file named files.txt in the pendrive or in the current directory the program will start decrypting the files . This text file should contain the path of the encrypted file in the first line and the path of the new decrypted file as the second line . You can follow this pattern and add as many lines as you want . It looks something like this
4 . If any of the condition does not match it won’t encrypt/decrypt the file transforming your pendrive to a security key . The project is not on github yet as i want to refine the code a bit more