🛡️🔒🔑 Securely encrypt & decrypt data with custom security questions — all processed offline 🔑🔒🛡️
Visit the project site (under construction):
🔒 Why the Security Questions File (kit) is Secure
- 10. Trusted Cryptographic Libraries
- 11. The Code
- 12. Potential Leak
- Threat-Model–Driven Inspiration
- Use Cases
🔮 Example Features & Ideas
⚙️ How to Use the Application
AnswerChain provides an offline, passwordless recovery system that empowers individuals and organizations to restore secrets securely. By allowing users to create their own knowledge-based questions and answer options, secrets can be rebuilt without relying on passwords—protected by modern cryptography to ensure safety and trust.
Program is NOT yet READY!
Is this program secure to use?
- This program was developed with extensive AI assistance. While care has been taken to ensure safety, NO SOFTWARE CAN BE GUARANTEED 100% SECURE. At this stage, I would NOT RECOMMEND USING THIS PROGRAM FOR IT's INTENDED PURPOSE UNTIL IT HAS MATURED ENOUGH (e.g., gained broader community recognition, reviews, and testing).
Have you had prior experience with coding?
- No, I have not. This is my first application!
1️⃣. User defines their own questions
You create your own security questions (e.g., “What was my first pet’s name?”)
and provide multiple answer alternatives.
2️⃣. Standard and Critical questions
When setting up your recovery kit, each question can be marked as:
- Standard → regular knowledge prompts (e.g., “What city were you born in?”).
These contribute shares toward the recovery threshold and allow flexibility. - Critical → high-value prompts (e.g., “What is the code phrase I only told my family?”).
These must always be answered correctly for secret restoration to be possible —
even if all standard questions are answered correctly.
This two-tier system combines usability (standard questions)
with mandatory checkpoints (critical questions) for maximum security.
3️⃣. Every alternative is cryptographically protected
Each alternative is combined with a random salt and processed through Argon2id (a memory-hard key derivation function).
The derived key is used to encrypt a Shamir Secret Sharing (SSS) share with cascade encryption:
- First layer: AES-256-GCM
- Second layer: ChaCha20-Poly1305
This dual-layer (cascade AEAD) ensures ciphertexts all have the same structure
and strengthens security against single-algorithm weaknesses that the future could present.
4️⃣. Wrong answers look valid too
Incorrect answers are not left empty. Instead, they carry dummy SSS shares,
also Argon2id-hardened and cascade-encrypted (AES-256-GCM + ChaCha20-Poly1305).
This makes every answer indistinguishable, so attackers cannot know which ones are correct.
5️⃣. Decoy “real” answers
Users can define decoy real answers that decrypt into plausible but fake secrets.
Even if an attacker manages to decrypt shares, they cannot tell
whether the reconstructed output is the genuine secret or a decoy.
6️⃣. Secret recovery
During recovery, you answer your own questions. Each chosen alternative is re-processed
with Argon2id and cascade decryption.
- If the correct set of Standard questions is answered,
enough valid SSS shares may be obtained. - But recovery will only succeed if all required Critical questions are also answered correctly.
If both conditions are met, the valid shares can be recombined to reconstruct the secret.
7️⃣. Final authentication
The reconstructed secret undergoes a final Argon2id + HMAC check.
Only if this verification succeeds is the secret accepted as authentic.
Every answer is combined with a random salt and processed through Argon2id
with enforced high memory cost (≥1 GiB, parallelism pinned to 1).
This makes brute-force attacks prohibitively expensive,
even for attackers using modern GPUs or ASICs.
Each derived key is used in cascade encryption, first with AES-256-GCM
and then with ChaCha20-Poly1305.
This guarantees ciphertexts are uniform in structure and provides long-term resilience:
even if one cipher is broken in the future, the other still protects the data.
The protected secret is never stored directly but split into shares using
Shamir’s Secret Sharing (SSS).
A defined threshold of correct answers must be provided to recombine the secret,
while any subset below the threshold reveals absolutely nothing.
Questions can be standard or critical.
- Standard questions → contribute shares toward the threshold.
- Critical questions → must always be answered correctly.
Secret restoration is impossible if even one critical question is wrong,
regardless of how many standard answers are correct.
Wrong answers are indistinguishable from correct ones because they also decrypt into
dummy shares hardened with Argon2id and cascade AEAD.
Users can also configure decoy real answers, which produce plausible but fake secrets.
These protections ensure attackers can never know whether a recovered result is genuine or a decoy.
Once enough shares are collected, the reconstructed secret must pass a
final Argon2id + HMAC verification step.
This prevents tampering and guarantees that only the genuine secret is accepted.
The entire system is offline and passwordless, eliminating risks associated with
servers, cloud storage, or a single vulnerable master password.
Everything needed for recovery is self-contained.
The system is deliberately designed to remain secure even if the complete file,
all ciphertexts, salts, and parameters leak online.
Attackers gain no useful advantage because:
- Argon2id makes brute-force infeasible.
- Cascade AEAD ensures dual-layer protection.
- Dummy shares and decoys make answers indistinguishable.
- Shamir’s Secret Sharing prevents partial leakage.
- Critical questions block recovery without mandatory checkpoints.
- The HMAC gate validates authenticity.
After setup, the program presents a brute-force cost analysis,
showing the estimated difficulty of cracking the configuration with modern hardware.
Users can then adjust Argon2id parameters, thresholds, or question sets
if they want even stronger security.
🔒 Cryptography Library Audits
- Software audit: ✅
- Algorithm audit: ✅
- Version: 1.0.0 (Sep 2024) by cure53
- PDFs: pentest report, in-repo
- Changes since audit: Compare changes
- Software audit: ✅
- Algorithm audit: ✅
- Version: 1.0.0 (Sep 2024) by cure53
- PDFs: pentest report, in-repo
- Changes since audit: Compare changes
The program is deliberately lightweight, with a minimal codebase—meaning there’s less surface area for potential vulnerabilities and easier maintainability. In practice, less code often translates into safer code.
It adheres to the OWASP Secure Coding Practices and incorporates additional industry-recognized best practices to ensure robust, secure, and reliable implementation.
During use, the program operates in an inherently sensitive state. At rest, however, the kit remains secure—even in the event of a total data leak, the true secret cannot be derived without the exact knowledge-based answers. In fact, the entire system is designed around this very principle of security.
1️⃣ Public knowledge (online, open to everyone)
– Examples: facts available on the internet, public records, common trivia.
2️⃣ Public but restricted knowledge (online, limited to you + authorities)
– Examples: government records, official registrations, tax or license info.
3️⃣ Semi-public online identity knowledge
– Examples: your usernames, personal websites, or activity on forums/social media.
4️⃣ Shared offline knowledge
– Information known by you, your family, or close friends (e.g., family traditions, shared experiences).
5️⃣ Private offline knowledge
– Information known only by you and a very small circle of trusted parties.
6️⃣ Exclusive personal knowledge
– Something that only you know, with no online or offline exposure.
Simplified password restoration (no IT)
Employees regain access by answering their own questions — offline, passwordless, no helpdesk queue.
Memory support (amnesia / cognitive decline)
Familiar, self-authored prompts help recover vaults without needing to recall a master password.
Crypto seed protection
Store/recover seed phrases
Family emergency access
Split recovery among relatives (e.g., 2-of-3) so one trusted person alone can’t unlock, but together they can.
Protecting your password manager’s master password
# 🔒 Privacy Protection via Tolerance-Based Authentication for the security questions
Privacy protection of security questions using tolerance-based authentication.
- All masked answers combine into a single unlock key → hiding both personal data and the questions.
- With tolerance-based authentication, small typos are accepted (e.g.,
bakke→backe,bakie), balancing usability and security. - Redundancy across multiple questions provides resilience and accessibility.
⚠️ All data below is entirely fabricated, for demonstration only.
Persona
- Name: Jonathan "Jono" Carver
- Birth date:
1992-07-14 - Phone:
+44 7701 234567 - Email:
[email protected] - Passport:
UKR1234567 - Student ID:
AB34927 - Card:
4539 4512 0398 4312 - Forum:
dark_raven92 - Licence:
B, BE
- First name with vowels hidden →
J*n*th*n - Forum handle (digits removed, consonants only) →
drkrvn
- Birth date (YYYY-MM) →
1992-07 - Day of month mod 10 (14 → 4) →
4
- Postal prefix →
SW1 - Country code →
GB
- Masked email →
jon…@example.com - Masked phone →
…4567
- Passport last 3 →
…567 - Student ID format →
^[A-Z]{2}\d{5}$
- Card last 4 →
…4312 - IBAN masked (UK) →
GB…12
- Uni email with vowels hidden →
jn.c*rv*r92 - Publications bucket →
6–20
- GitHub consonants only (joncarver92) →
jncrvr - Forum last login →
07/25
- Categories →
B, BE - First issue year →
2010
- SHA-256("Carver|salt42"), first 8 hex →
3a91f2b8 - CRC32(passport tail 34567) →
5D12A4BC
- Phone tail + passport tail →
567-567 - Initials + birth year →
J.C.-92
- Mother’s maiden initial + father’s name last letter →
L,n - Favourite colour "purple", letters 1 & 3 →
p-r
- Regex for masked phone →
^\+44\s77\d{2}\s\d{6}$ - ISO country/currency →
GB-GBP
- Least identifying DOB mask →
Year only (1992) - Least identifying address mask →
Country only (GB)
✅ End of Demo Set — clean, minimal, and privacy-preserving.
# 🔒 Server side Authentication
Features:
Automated Triggers: If you fail to respond to a recurring prompt (e.g., an email sent at fixed intervals) within a specified time frame, a predefined action will be triggered. For example, a physical letter could be dispatched with instructions on how to proceed.
Server-Side Security: The system can leverage server-side hardware (e.g., HSM modules) to enhance overall security and safeguard cryptographic processes.
Customizable User Conditions: It can be programmed with detailed specifications, such as:
Denying authentication if you are under duress (e.g., held against your will).
Allowing decryption only at specific times or intervals.
Triggering auto-destruction of sensitive data if user-defined conditions are met.
Human and AI-Assisted Support: Flexible integration of human support teams and/or AI-based assistance tailored to your specific use case.
Controlled Information Flow: The system can hold encrypted questions or instructions and release them only after successful authentication. You decide exactly what information is stored server-side.
Contingency Features: Optional safeguards include contacting trusted relatives or designated parties if you fail to respond within set time limits.
# 🔒 Unified framework of human-centric authentication factors combining biometrics, cognition, perception, behavior, and psychometric patterns
- Fingerprints (ridge patterns)
- Facial recognition (geometry, landmarks)
- Iris scans (iris texture)
- Retina scans (blood vessel pattern)
- Voice recognition (tone, cadence, pitch)
- Gait analysis (walking style)
- DNA snippet profiling (SNPs encoded to bits)
- Multisensory biometrics (fingerprint + iris + face combo)
- Classic security questions
- Custom user-authored questions
- Memory recall tasks (facts, personal info, shared knowledge)
- Number sequence recall (max working memory length)
- Word/phrase recall
- Challenge-response puzzles (math, riddles, logic)
- Logic games (short chess puzzles, sequence completion)
- Pattern completion challenges
- Story/narrative memory recall
- Color perception tests (e.g., “the dress” illusion)
- Visual illusions (duck/rabbit, vase/faces, young woman/old woman)
- Ambiguous 3D illusions (Necker cube, spinning dancer)
- Gestalt grouping (continuity, similarity, proximity)
- Pattern recognition tasks (shapes, geometry)
- Hotspot clicks in busy images
- Multi-object recognition in clutter
- Ambiguous image interpretation (Rubin’s vase, duck/rabbit)
- Bistable motion illusions (spinning dancer clockwise/counterclockwise)
- Multi-interpretation figure perception (e.g., young woman vs old woman)
- PassPoints (click-points on image)
- Grid sketch (Draw-A-Secret)
- Pattern locks (Android-style)
- Spatial sequence recall (navigating nodes or map)
- Number sequence repetition
- Word sequence repetition
- Rhythm passwords (tap/knock patterns)
- Morse-like cadence (short/long tap codes)
- N-back recall challenges
- Reaction time-based sequences
- Typing speed (chars/sec)
- Keystroke dynamics (hold & gap times)
- Misspelling/error patterns
- Correction habits (backspace, delete, autocorrect)
- Preferred words/phrases typing rhythm
- Consistent keyboard quirks (capslock use, shift preference)
- Mouse/trackpad signature curves
- Cursor velocity, jitter, navigation habits
- Touch gestures (swipes, pressure, angle, acceleration)
- Phone IMU gestures (figure-8, tilt, shake)
- Device unlocking style (swipe vs tap patterns)
- Ranking tasks (colors, shapes, preferences)
- Odd-one-out triads (select odd from group)
- Story path choices (consistent narrative choices)
- Preference-based questions (favorite activity, season, movie, food, etc.)
- Personality test responses (Big Five style)
- Reaction speed/accuracy to cues
- Empathy reactions (images, phrases)
- Emotional scaling (rate feelings 1–10 when X happens)
- Cringe/dislike responses
- Distractor tests (what distracts you most)
- Mistake type profiling (errors you repeat)
- Preferred hand for tasks
- Comfort with surveillance/authority
- Information disclosure vs withholding
- Handwriting samples
- Reading speed tests
- Eating & describing food taste (tomato, strong flavor, scale 1–10)
- Describing sensory perception (smell, touch, texture)
- Maximum sequence recall test (avg length across attempts)
- Motor task performance (draw, trace, tap path)
- Circadian rhythm & chronotype (morning/night person)
- Time perception under different conditions
- Routine adherence vs variability
- Anticipation vs reflection behavior
- Response to time pressure / waiting
- Risk vs reward orientation
- Intrinsic vs extrinsic motivators
- Goal initiation vs follow-through style
- Response to incentives
- Habit formation tendencies
- Empathy processing style
- Affiliation vs autonomy preference
- Conflict response (avoid, confront, adapt)
- Theory of mind ability (inferring others’ perspectives)
- Preference for group vs one-on-one settings
- Comfort with disclosure vs secrecy
- Desire for observation or anonymity
- Tolerance for monitoring/surveillance
- Reaction to regulation or authority
- Deontological vs utilitarian tendencies
- Justice vs mercy preference
- Sensitivity to hypocrisy
- Moral licensing patterns
- Individual vs collective responsibility view
- Stress response type (fight/flight, cortisol pattern)
- Sleep quality, REM density
- Nutritional responsiveness
- Sensitivity to sensory stimuli (light, sound, temperature)
- Hormonal/metabolic baseline variation
- Symbolic vs narrative creativity
- Structured vs improvisational style
- Preferred medium (tactile, digital, verbal, visual)
- Creative risk-taking vs repetition
- Peak creative time periods
- Routine adherence vs novelty seeking
- Tolerance for unpredictability
- Environmental adaptability
- Attention to variance in others
- Pattern-breaking behaviors
- Trial-and-error vs plan-first
- Big-picture vs detail-oriented focus
- Logic-driven vs intuitive inference
- Persistence vs pivot on failure
- Strategic vs impulsive problem solving
-
Download and install a trusted Live-CD Linux distribution of your choice.
Click to view recommended Live-CD Linux distributions
Distro Name Base / Family ISO Size (Approx.) Live CD/USB RAM-Only Support Notes Tails Debian-based ~1.3 GB ✅ Yes ✅ Default Security/privacy-focused, always RAM-only, amnesic by design. Highest recommendation. Puppy Linux Independent/Ubuntu 400 MB ✅ Yes ✅ Default Runs entirely in RAM, ultra-fast, excellent for older hardware. Slax Debian-based 270 MB ✅ Yes ✅ Copy2RAM mode Modular, portable, RAM execution option, easy to carry on USB. Porteus Slackware-based 300 MB ✅ Yes ✅ Copy2RAM mode Built for USB, boots in seconds, RAM execution supported. AntiX Debian-based 700 MB ✅ Yes ✅ Frugal/toram Excellent for old PCs, Live/Frugal install supports RAM execution. MX Linux (XFCE) Debian-based 1.6 GB ✅ Yes ✅ toram option User-friendly, strong live USB tools, persistence + RAM execution. SliTaz Independent 43 MB ✅ Yes ✅ Default Extremely small, designed to run fully in RAM. Damn Small Linux Knoppix-based 50 MB ✅ Yes ✅ Default Legacy revival, tiny footprint, RAM-based by design. Tiny Core Linux Independent 15–106 MB ✅ Yes ⚠️ Needs configVery minimal; runs in RAM but persistence requires manual setup. -
Create a bootable USB drive with your chosen distribution.
Click to view recommended USB creation tools
Tool Name Platform(s) Highlights balenaEtcher Win, macOS, Linux GUI, validated flashing, user-friendly Rufus Windows Fast, advanced options, BIOS/UEFI dd Unix-like (Linux/macOS) CLI, precise data copying Fedora Media Writer Cross-platform Official Fedora support Ubuntu Live USB Creator Ubuntu & Windows Official Ubuntu USB tool UNetbootin Cross-platform Lightweight, distro support, persistence Ventoy Windows, Linux Multiboot, drag-and-drop ISOs, no reformat needed YUMI (exFAT) Windows, Linux Multiboot with persistence Universal USB Installer Windows Simple Linux/Windows ISO writes LinuxLive USB Creator Windows Live Linux via GUI GNOME Disks Linux Generic image writer WoeUSB Linux Windows bootable USB creation Easy2Boot Windows, Linux Multiboot, image partition support TransMac Windows macOS image access and USB drive setup Lightweight ISO Tools Windows Fast, no-frills ISO writers WinToUSB Windows Windows OS to USB drive SARDU Windows Multi-ISO USB with tools MultiBootUSB Cross-platform Multiboot live USB management RMPartUSB / RMPrepUSB Windows Advanced partition boot code handling Ultimate Boot CD Cross-platform (rescue) Diagnostic, recovery toolset Parted Magic Cross-platform (ISO) Partitioning, cloning, rescue, includes tools -
Include the AnswerChain program:
- Prepare a secondary USB (or use the same boot USB if space allows).
- Store a copy of the AnswerChain executable on it for redundancy.
- This ensures you can always access the program even if one USB fails.
-
Disconnect from the internet (Wi-Fi and/or Ethernet) to operate in an air-gapped environment.
-
Unplug all unnecessary USB devices and peripherals.
-
In short: reduce the attack surface before working with security questions and encryption.
Click for recommended hardening steps (strongly suggested)
Hardware precautions
- Use a dedicated offline machine: Ideally an old laptop/PC used only for this task.
- Remove/disable wireless interfaces: Physically remove Wi-Fi/Bluetooth cards or disable them in BIOS/UEFI.
- Use write-protected media: Prefer a USB drive with a physical write-protect switch for storing the final kit.
OS & media integrity
- Verify ISO integrity before flashing:
sha256sum your-distro.iso # Compare to vendor's checksum gpg --verify your-distro.iso.sig # When a signature is provided
- Minimal install: Avoid unnecessary packages; fewer binaries = fewer attack surfaces.
- Use read-only media when possible: Boot from CD/DVD or a read-only USB image.
- Run entirely in RAM (RECOMMENDED): Many live distros support a copy to RAM option (e.g.,
toram,copy2ram). Choose this at boot if available. Always run in RAM when you can.
Operational security (OpSec)
- No external storage: Keep only the required USB connected while working.
- Multiple backups: After encryption, keep encrypted backups in separate physical locations.
- Online storage is acceptable only for the encrypted artifact (e.g.,
.gpg,.age,.7zwith strong passphrase). - Prefer multiple brand-name USB devices you trust (malware-free).
- Online storage is acceptable only for the encrypted artifact (e.g.,
- No logs left behind: Clear history and temp files at the end of each session:
(Use OS-appropriate methods; commands vary by shell/distro.)
# Bash unset HISTFILE; history -c; rm -f ~/.bash_history; sync # Zsh unset HISTFILE; : > ~/.zsh_history; sync
- Boot the live system (prefer copy to RAM / toram) and launch the application.
- Configure it to your requirements.
- Store the security kit (security questions + all encryption details) on your write-protected USB.
- Ensure a secondary USB contains the AnswerChain program in case of failure or reinstallation needs.
- Keep only the required USB attached while working.
- Version parity: Use the same software version for decryption that you used for encryption to avoid compatibility issues.
- Cold-boot test: Power off, boot again, and ensure you can decrypt.
- Cross-device test: Try decrypting on multiple machines (different hardware).
- Media independence: Boot into the same live CD/USB and test; then boot into a different live CD/USB and test again.
- Confirm the decryption process works exactly as intended across scenarios. Proceed only when you are confident in consistency and reliability.
As the sole developer currently working on this project, I am seeking support from developers with expertise in secure coding, cryptography, and related fields to help further develop and maintain the project.
All contributions are welcome, and I would greatly value any constructive feedback or suggestions for improvement.
If you enjoyed testing the project and found it useful, please consider giving it a star ⭐ — your support is greatly appreciated!
Is this program actively maintained?
- Currently, the program is being maintained, but updates may vary depending on user interest and contributions.
Has this program been audited?
- No, the program has not undergone a formal audit. However, if it gains significant popularity, an audit may be considered in the future.
Is this program Open Source
- YES!
