SeraVault Community

Join us in building secure, open-source solutions for privacy and data protection

SeraVault Post-Quantum

SeraVault is a post-quantum encrypted file storage and sharing platform designed to protect your data against both current and future quantum computing threats. Built with military-grade security and zero-knowledge architecture, it ensures your sensitive files remain private and secure.

Key Features

πŸ” Post-Quantum Encryption

Uses ML-KEM-768 (Kyber) and ML-DSA-65 (Dilithium) to protect against quantum attacks

🚫 Zero-Knowledge Architecture

Your data is encrypted client-side before leaving your device

🀝 Secure Sharing

Share files securely with end-to-end encryption and contact management

πŸ’¬ Encrypted Chat

Built-in encrypted messaging for each shared file

πŸ“± Cross-Platform

Web, desktop, and mobile support with offline-first capabilities

πŸ”“ No Lock-In

Export your data anytime with full control over your files

Technology Stack

  • Cryptography: NIST-standardized post-quantum algorithms (ML-KEM-768, ML-DSA-65)
  • Offline Support: Progressive Web App with service workers
  • Testing: Comprehensive test suite with Playwright and Vitest

Use Cases

  • Legal & Healthcare: Store and share sensitive client/patient files securely
  • Financial Services: Protect financial documents and transactions
  • Government & Defense: Classified information with quantum-resistant security
  • Journalists & Activists: Protect sensitive sources and communications
  • Personal Use: Keep your personal files private and secure

Get Involved

SeraVault welcomes contributions from the community. Whether you're interested in improving security, adding features, or fixing bugs, your contributions are valuable.

View on GitHub

USB Enforcer - Linux DLP

USB Enforcer is a comprehensive Data Loss Prevention (DLP) solution for Linux systems that prevents data exfiltration through USB mass-storage devices. It enforces encryption on all USB drives, ensuring plaintext devices remain read-only while allowing encrypted LUKS2 drives to be unlocked and used normally.

Key Features

πŸ”’ Automatic Enforcement

Plaintext USB drives are automatically forced read-only at the block level

βœ… LUKS2 Support

Encrypted drives can be unlocked and mounted with full read-write access

🎨 User-Friendly UI

GTK4/libadwaita wizard for easy drive encryption and unlocking

πŸ”” Desktop Notifications

Real-time alerts when blocked devices are detected

πŸ‘₯ Group Exemptions

Exempt specific users or groups from DLP enforcement

πŸ–₯️ Headless Support

Works on servers without GUI, with full command-line management

How It Works

  • Udev Integration: Automatically detects USB devices and applies read-only enforcement
  • PolicyKit Rules: Prevents unauthorized mounting and remounting of plaintext devices
  • Python Daemon: Monitors devices, manages encryption operations, and provides DBus API
  • Secure Communication: Passphrases never traverse the system bus, using local UNIX sockets
  • GTK Wizard: Guides users through drive encryption with optional data preservation

Supported Distributions

RPM-Based

Fedora 38+, RHEL/AlmaLinux/Rocky Linux 9+, CentOS Stream 9+, openSUSE

DEB-Based

Ubuntu 22.04+, Debian 12+, Linux Mint 21+, Pop!_OS 22.04+, Zorin OS 16+

Installation

USB Enforcer is available as both standard and bundled (offline/airgapped) packages for easy deployment:

  • RPM packages: For Fedora, RHEL, CentOS, and openSUSE systems
  • DEB packages: For Debian, Ubuntu, and derivative distributions
  • Script installation: Manual installation scripts included
  • Offline support: Bundled packages require no internet connection

Use Cases

  • Corporate Environments: Prevent sensitive data from leaving company systems via USB
  • Government & Defense: Enforce data security policies on classified systems
  • Healthcare: Protect patient data from unauthorized copying
  • Financial Services: Prevent data exfiltration of financial information
  • Education: Secure research data and student information

Windows Compatibility

Drives encrypted with USB Enforcer use LUKS2 and can be accessed on Windows through:

  • WSL2: Full native support through Windows Subsystem for Linux
  • LibreCrypt: Third-party Windows application with LUKS support
  • Cross-platform alternatives: VeraCrypt for environments requiring native Windows access

Get Involved

USB Enforcer is open-source and actively maintained. We welcome contributions including bug reports, feature requests, distribution support, and code improvements. The project includes comprehensive documentation and a full test suite.

View on GitHub