Repository files navigation

🛡️🔒🔑 Securely encrypt & decrypt data with custom security questions — all processed offline 🔑🔒🛡️

Visit the project site (under construction):

• About AnswerChain
• Disclaimer
• How does it work❓

• 10. Trusted Cryptographic Libraries
• 11. The Code
• 12. Potential Leak
• Threat-Model–Driven Inspiration
• Use Cases

• Help Me Out ❤️
• FAQ
• Contact

AnswerChain provides an offline, passwordless recovery system that empowers individuals and organizations to restore secrets securely. By allowing users to create their own knowledge-based questions and answer options, secrets can be rebuilt without relying on passwords—protected by modern cryptography to ensure safety and trust.

Program is NOT yet READY!

Is this program secure to use?

• This program was developed with extensive AI assistance. While care has been taken to ensure safety, NO SOFTWARE CAN BE GUARANTEED 100% SECURE. At this stage, I wouldNOT RECOMMEND USING THIS PROGRAM FOR IT's INTENDED PURPOSE UNTIL IT HAS MATURED ENOUGH (e.g., gained broader community recognition, reviews, and testing).

Have you had prior experience with coding?

• No, I have not. This is my first application!

1️⃣.User defines their own questions
You create your own security questions (e.g.,“What was my first pet’s name?”)
and provide multiple answer alternatives.

2️⃣.Standard and Critical questions
When setting up your recovery kit, each question can be marked as:

• Standard → regular knowledge prompts (e.g.,“What city were you born in?”).
  These contribute shares toward the recovery threshold and allow flexibility.
• Critical → high-value prompts (e.g.,“What is the code phrase I only told my family?”).
  These mustalways be answered correctly for secret restoration to be possible —
  even if all standard questions are answered correctly.

This two-tier system combinesusability (standard questions)
withmandatory checkpoints (critical questions) for maximum security.

3️⃣.Every alternative is cryptographically protected
Each alternative is combined with a random salt and processed throughArgon2id (a memory-hard key derivation function).
The derived key is used to encrypt aShamir Secret Sharing (SSS) share withcascade encryption:

• First layer:AES-256-GCM
• Second layer:ChaCha20-Poly1305

This dual-layer (cascade AEAD) ensures ciphertexts all have the same structure
and strengthens security against single-algorithm weaknesses that the future could present.

4️⃣.Wrong answers look valid too
Incorrect answers are not left empty. Instead, they carrydummy SSS shares,
also Argon2id-hardened and cascade-encrypted (AES-256-GCM + ChaCha20-Poly1305).

This makes every answerindistinguishable, so attackers cannot know which ones are correct.

5️⃣.Decoy “real” answers
Users can definedecoy real answers that decrypt into plausible but fake secrets.
Even if an attacker manages to decrypt shares, they cannot tell
whether the reconstructed output is the genuine secret or a decoy.

6️⃣.Secret recovery
During recovery, you answer your own questions. Each chosen alternative is re-processed
withArgon2id andcascade decryption.

• If the correct set ofStandard questions is answered,
  enough validSSS shares may be obtained.
• But recovery will only succeed ifall required Critical questions are also answered correctly.

If both conditions are met, the valid shares can be recombined to reconstruct the secret.

7️⃣.Final authentication
The reconstructed secret undergoes a finalArgon2id + HMAC check.
Only if this verification succeeds is the secret accepted as authentic.

Every answer is combined with a random salt and processed throughArgon2id
with enforced high memory cost (≥1 GiB, parallelism pinned to 1).
This makes brute-force attacks prohibitively expensive,
even for attackers using modern GPUs or ASICs.

Each derived key is used incascade encryption, first withAES-256-GCM
and then withChaCha20-Poly1305.
This guarantees ciphertexts are uniform in structure and provides long-term resilience:
even if one cipher is broken in the future, the other still protects the data.

The protected secret is never stored directly but split into shares using
Shamir’s Secret Sharing (SSS).
A defined threshold of correct answers must be provided to recombine the secret,
while any subset below the threshold reveals absolutely nothing.

Questions can bestandard orcritical.

• Standard questions → contribute shares toward the threshold.
• Critical questions → must always be answered correctly.

Secret restoration isimpossible if even one critical question is wrong,
regardless of how many standard answers are correct.

Wrong answers are indistinguishable from correct ones because they also decrypt into
dummy shares hardened with Argon2id and cascade AEAD.

Users can also configuredecoy real answers, which produce plausible but fake secrets.
These protections ensure attackers can never know whether a recovered result is genuine or a decoy.

Once enough shares are collected, the reconstructed secret must pass a
final Argon2id + HMAC verification step.
This prevents tampering and guarantees that only the genuine secret is accepted.

The entire system isoffline and passwordless, eliminating risks associated with
servers, cloud storage, or a single vulnerable master password.
Everything needed for recovery is self-contained.

The system is deliberately designed to remain secureeven if the complete file,
all ciphertexts, salts, and parameters leak online.

Attackers gain no useful advantage because:

• Argon2id makes brute-force infeasible.
• Cascade AEAD ensures dual-layer protection.
• Dummy shares and decoys make answers indistinguishable.
• Shamir’s Secret Sharing prevents partial leakage.
• Critical questions block recovery without mandatory checkpoints.
• The HMAC gate validates authenticity.

After setup, the program presents abrute-force cost analysis,
showing the estimated difficulty of cracking the configuration with modern hardware.

Users can then adjust Argon2id parameters, thresholds, or question sets
if they want even stronger security.

🔒 Cryptography Library Audits

• Software audit: ✅
• Algorithm audit: ✅
• Version: 1.0.0 (Sep 2024) bycure53
• PDFs:pentest report,in-repo
• Changes since audit:Compare changes

• Software audit: ✅
• Algorithm audit: ✅
• Version: 1.0.0 (Sep 2024) bycure53
• PDFs:pentest report,in-repo
• Changes since audit:Compare changes

The program is deliberately lightweight, with a minimal codebase—meaning there’s less surface area for potential vulnerabilities and easier maintainability. In practice,less code often translates into safer code.

It adheres to theOWASP Secure Coding Practices and incorporates additional industry-recognized best practices to ensure robust, secure, and reliable implementation.

During use, the program operates in an inherently sensitive state.At rest, however, the kit remains secure—even in the event of a total data leak, the true secret cannot be derived without the exact knowledge-based answers. In fact, the entire system is designed around this very principle of security.

1️⃣ Public knowledge (online, open to everyone)
– Examples: facts available on the internet, public records, common trivia.

2️⃣ Public but restricted knowledge (online, limited to you + authorities)
– Examples: government records, official registrations, tax or license info.

3️⃣ Semi-public online identity knowledge
– Examples: your usernames, personal websites, or activity on forums/social media.

4️⃣ Shared offline knowledge
– Information known by you, your family, or close friends (e.g., family traditions, shared experiences).

5️⃣ Private offline knowledge
– Information known only by you and a very small circle of trusted parties.

6️⃣ Exclusive personal knowledge
– Something that only you know, with no online or offline exposure.

Simplified password restoration (no IT)
Employees regain access by answering their own questions —offline, passwordless, no helpdesk queue.

Memory support (amnesia / cognitive decline)
Familiar, self-authored prompts help recover vaults without needing to recall a master password.

Crypto seed protection
Store/recover seed phrases

Family emergency access
Split recovery among relatives (e.g.,2-of-3) so one trusted person alone can’t unlock, but together they can.

Protecting your password manager’s master password

• Download and install atrusted Live-CD Linux distribution of your choice.

  Click to view recommended Live-CD Linux distributions

  Distro Name	Base / Family	ISO Size (Approx.)	Live CD/USB	RAM-Only Support	Notes
  Tails	Debian-based	~1.3 GB	✅ Yes	✅ Default	Security/privacy-focused,always RAM-only, amnesic by design. Highest recommendation.
  Puppy Linux	Independent/Ubuntu	400 MB	✅ Yes	✅ Default	Runs entirely in RAM, ultra-fast, excellent for older hardware.
  Slax	Debian-based	270 MB	✅ Yes	✅ Copy2RAM mode	Modular, portable, RAM execution option, easy to carry on USB.
  Porteus	Slackware-based	300 MB	✅ Yes	✅ Copy2RAM mode	Built for USB, boots in seconds, RAM execution supported.
  AntiX	Debian-based	700 MB	✅ Yes	✅ Frugal/toram	Excellent for old PCs, Live/Frugal install supports RAM execution.
  MX Linux (XFCE)	Debian-based	1.6 GB	✅ Yes	✅ toram option	User-friendly, strong live USB tools, persistence + RAM execution.
  SliTaz	Independent	43 MB	✅ Yes	✅ Default	Extremely small, designed to run fully in RAM.
  Damn Small Linux	Knoppix-based	50 MB	✅ Yes	✅ Default	Legacy revival, tiny footprint, RAM-based by design.
  Tiny Core Linux	Independent	15–106 MB	✅ Yes	⚠️ Needs config	Very minimal; runs in RAM but persistence requires manual setup.

• Create abootable USB drive with your chosen distribution.

  Click to view recommended USB creation tools

  Tool Name	Platform(s)	Highlights
  balenaEtcher	Win, macOS, Linux	GUI, validated flashing, user-friendly
  Rufus	Windows	Fast, advanced options, BIOS/UEFI
  dd	Unix-like (Linux/macOS)	CLI, precise data copying
  Fedora Media Writer	Cross-platform	Official Fedora support
  Ubuntu Live USB Creator	Ubuntu & Windows	Official Ubuntu USB tool
  UNetbootin	Cross-platform	Lightweight, distro support, persistence
  Ventoy	Windows, Linux	Multiboot, drag-and-drop ISOs, no reformat needed
  YUMI (exFAT)	Windows, Linux	Multiboot with persistence
  Universal USB Installer	Windows	Simple Linux/Windows ISO writes
  LinuxLive USB Creator	Windows	Live Linux via GUI
  GNOME Disks	Linux	Generic image writer
  WoeUSB	Linux	Windows bootable USB creation
  Easy2Boot	Windows, Linux	Multiboot, image partition support
  TransMac	Windows	macOS image access and USB drive setup
  Lightweight ISO Tools	Windows	Fast, no-frills ISO writers
  WinToUSB	Windows	Windows OS to USB drive
  SARDU	Windows	Multi-ISO USB with tools
  MultiBootUSB	Cross-platform	Multiboot live USB management
  RMPartUSB / RMPrepUSB	Windows	Advanced partition boot code handling
  Ultimate Boot CD	Cross-platform (rescue)	Diagnostic, recovery toolset
  Parted Magic	Cross-platform (ISO)	Partitioning, cloning, rescue, includes tools

• Include the AnswerChain program:

  • Prepare asecondary USB (or use the same boot USB if space allows).
  • Store acopy of the AnswerChain executable on it for redundancy.
  • This ensures you can always access the program even if one USB fails.

• Disconnect from the internet (Wi-Fi and/or Ethernet) to operate in anair-gapped environment.

• Unplug allunnecessary USB devices and peripherals.

• In short:reduce the attack surface before working with security questions and encryption.

  Click for recommended hardening steps (strongly suggested)

  Hardware precautions

  • Use a dedicated offline machine: Ideally an old laptop/PC used only for this task.
  • Remove/disable wireless interfaces: Physically remove Wi-Fi/Bluetooth cards or disable them in BIOS/UEFI.
  • Use write-protected media: Prefer a USB drive with aphysical write-protect switch for storing the final kit.

  OS & media integrity

  • Verify ISO integrity before flashing:

    sha256sum your-distro.iso# Compare to vendor's checksumgpg --verify your-distro.iso.sig# When a signature is provided

  • Minimal install: Avoid unnecessary packages; fewer binaries = fewer attack surfaces.
  • Use read-only media when possible: Boot from CD/DVD or a read-only USB image.
  • Run entirely in RAM (RECOMMENDED): Many live distros support acopy to RAM option (e.g.,toram,copy2ram). Choose this at boot if available.Always run in RAM when you can.

  Operational security (OpSec)

  • No external storage: Keep only the required USB connected while working.
  • Multiple backups: After encryption, keepencrypted backups inseparate physical locations.
    • Online storage is acceptableonly for the encrypted artifact (e.g.,.gpg,.age,.7z with strong passphrase).
    • Prefer multiple brand-name USB devices you trust (malware-free).
  • No logs left behind: Clear history and temp files at the end of each session:

    # Bashunset HISTFILE;history -c; rm -f~/.bash_history; sync# Zshunset HISTFILE;:>~/.zsh_history; sync

    (Use OS-appropriate methods; commands vary by shell/distro.)

• Boot the live system (prefercopy to RAM /toram) andlaunch the application.
• Configure it to your requirements.
• Store thesecurity kit (security questions + all encryption details) on yourwrite-protected USB.
• Ensure asecondary USB contains theAnswerChain program in case of failure or reinstallation needs.
• Keeponly the required USB attached while working.

• Version parity: Use thesame software version for decryption that you used for encryption to avoid compatibility issues.
• Cold-boot test: Power off, boot again, and ensure you can decrypt.
• Cross-device test: Try decrypting on multiple machines (different hardware).
• Media independence: Boot into thesame live CD/USB and test; then boot into adifferent live CD/USB and test again.
• Confirm the decryption process worksexactly as intended across scenarios. Proceed only when you are confident inconsistency and reliability.

As the sole developer currently working on this project, I am seeking support from developers with expertise in secure coding, cryptography, and related fields to help further develop and maintain the project.

All contributions are welcome, and I would greatly value any constructive feedback or suggestions for improvement.

If you enjoyed testing the project and found it useful, please consider giving it a star ⭐ — your support is greatly appreciated!

Is this program actively maintained?

• Currently, the program is being maintained, but updates may vary depending on user interest and contributions.

Has this program been audited?

• No, the program has not undergone a formal audit. However, if it gains significant popularity, an audit may be considered in the future.

Is this program Open Source

• YES!