Skip to content

Releases: ParleSec/ZeroVault

ZeroVault 1.0.0 "Knox"

25 Apr 15:16
@ParleSec ParleSec
v1.0.0
73a9ded
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
ZeroVault 1.0.0 "Knox" Latest
Latest

ZeroVault 1.0.0 "Knox" - Fort-Knox Level Document Encryption

I'm proud to announce the first major release of ZeroVault, codenamed "Knox" - featuring defense-in-depth security architecture with triple-layer encryption, comprehensive memory protection, and a user-friendly command-line interface for protecting your most sensitive documents.

🏰 Defense-in-Depth Security

ZeroVault "Knox" implements a true defense-in-depth approach where an attacker would need to breach multiple independent protection layers:

  • Triple-Layer Encryption

    • Primary: AES-256-GCM authenticated encryption
    • Secondary: ChaCha20-Poly1305 authenticated encryption
    • Tertiary: AES-256-CBC with independent HMAC-SHA512

  • Advanced Key Management

    • Argon2id memory-hard key derivation
    • Shamir's Secret Sharing for master key splitting
    • Multi-stage key hierarchy with domain separation
    • Ed25519 signatures for authenticity verification

  • Memory Protection

    • Guard pages to detect buffer overflows
    • Memory locking to prevent sensitive data being swapped to disk
    • Memory canaries for runtime tampering detection
    • Multi-pass secure memory zeroization

🔧 Installation

Pre-built Binaries

Via Cargo (Rust package manager)

cargo install zerovault

From Source

git clone https://github.com/ParleSec/zerovault.git
cd zerovault
cargo install --path cli

🛡️ Security Profiles

ZeroVault offers three customizable security levels:

Profile Memory Cost Key Derivation Ideal For
Zerovault 1 GiB 16 passes Maximum security for critical information

🖥️ Command-Line Interface

ZeroVault provides a user-friendly CLI designed for simplicity without compromising security:

# Basic encryption (interactive mode will prompt for details)
zerovault encrypt

Encrypt with specific options


zerovault encrypt --input document.pdf --security paranoid


Decrypt a vault file


zerovault decrypt --input document.pdf.vault


View vault information without decrypting


zerovault info --input document.pdf.vault


Validate vault integrity


zerovault validate --input document.pdf.vault


Stream processing


cat document.txt | zerovault encrypt-stream > document.vault

📋 Key Features

  • Customizable Security: Choose from three security profiles
  • Stream Processing: Support for stdin/stdout operations
  • File Validation: Verify integrity without decryption
  • Metadata Support: Add comments and track changes
  • Batch Processing: Efficiently handle multiple files
  • JSON Output: Structured format for programmatic usage

📄 Documentation

🤝 Acknowledgments

Special thanks to the Rust ecosystem for providing excellent cryptographic libraries that made this project possible.

🔒 ZeroVault "Knox" - Fort-Knox Level Document Encryption

Assets 5
Loading