A desktop app for encrypting and decrypting files locally using AES-256-GCM. Built with Python and a Tkinter GUI.
- Encrypts any file using AES-256-GCM — authenticated encryption that detects tampering or corruption at decrypt time, unlike modes like CBC
- Derives the encryption key from your password using PBKDF2-SHA256 with 600,000 iterations (current NIST recommendation)
- Generates a fresh random salt and IV per encryption, so the same file encrypted twice produces different output
- Verifies file integrity with SHA-256 hashing displayed before and after, so you can confirm nothing was lost or altered
- Logs every encrypt/decrypt operation with a timestamp to
encryption_log.txt - Raises a clean error on wrong password or corrupted file rather than silently producing garbage output
Python, cryptography library (AES-256-GCM, PBKDF2HMAC), Tkinter
pip install cryptography
python main.pyEncrypted .enc files store the salt, IV, and ciphertext concatenated — no separate key file needed, everything required for decryption travels with the file.