{"id":29212148,"url":"https://github.com/ratk87/cryptographiceraser","last_synced_at":"2026-04-18T13:32:30.193Z","repository":{"id":302042509,"uuid":"987191255","full_name":"ratk87/CryptographicEraser","owner":"ratk87","description":"Bachelor Thesis - App for demonstrating the development method to securely erase data on an android device","archived":false,"fork":false,"pushed_at":"2025-06-30T08:38:09.000Z","size":1653,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-06-30T09:26:48.853Z","etag":null,"topics":["android-app","cryptographic-erase","cryptography-algorithms","mobile-security","secure-deletion"],"latest_commit_sha":null,"homepage":"","language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ratk87.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-05-20T17:55:40.000Z","updated_at":"2025-06-30T08:33:48.000Z","dependencies_parsed_at":"2025-06-30T09:37:35.224Z","dependency_job_id":null,"html_url":"https://github.com/ratk87/CryptographicEraser","commit_stats":null,"previous_names":["ratk87/cryptographiceraser"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/ratk87/CryptographicEraser","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ratk87%2FCryptographicEraser","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ratk87%2FCryptographicEraser/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ratk87%2FCryptographicEraser/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ratk87%2FCryptographicEraser/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ratk87","download_url":"https://codeload.github.com/ratk87/CryptographicEraser/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ratk87%2FCryptographicEraser/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":263222547,"owners_count":23433035,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android-app","cryptographic-erase","cryptography-algorithms","mobile-security","secure-deletion"],"created_at":"2025-07-02T22:10:22.836Z","updated_at":"2026-04-18T13:32:30.162Z","avatar_url":"https://github.com/ratk87.png","language":"Kotlin","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CryptographicEraser\n\nCryptographicEraser is a lightweight Android application designed to securely delete files by encrypting them in place before removal, and optionally overwriting free space with cryptographically secure random data. Developed as part of a Bachelor’s thesis in Computer Science at FernUniversität in Hagen, this tool ensures that deleted data cannot be recovered—even on modern flash media where traditional shredding techniques are less effective.\n\n---\n\n## Motivation\n\nMobile devices increasingly store sensitive personal and business data—from photos and documents to authentication tokens and private messages. Simply deleting a file does not guarantee that its content can’t be recovered: on flash-based storage (e.g., internal eMMC or removable SD cards), wear-leveling and block remapping can leave remnants of “deleted” data intact.\n\nTo mitigate this risk, CryptographicEraser:\n\n1. **Encrypts files in place** using AES (GCM for smaller files, CTR for larger) with a strong password-based key derivation (PBKDF2-HMAC-SHA256).  \n2. **Deletes the encrypted file**, leaving uniformly random ciphertext on disk.  \n3. **Optionally wipes free space** by writing and deleting dummy files filled with random data—twice—ensuring that any leftover blocks are overwritten.\n\nThis approach leverages cryptographic irrecoverability (ciphertext indistinguishability) as the first defense, followed by a free-space wipe as a second layer, providing a high degree of confidence that sensitive content cannot be reconstructed.\n\n---\n\n## Key Features\n\n- **In-Place Encryption \u0026 Deletion**  \n  Files are read into memory, encrypted with AES, then overwritten at the original location—no temporary `.enc` files remain.\n\n- **Adaptive Cipher Selection**  \n  - **AES-GCM** for files up to 20 MiB (offers authenticated encryption).  \n  - **AES-CTR** for larger files (stream cipher with minimal memory overhead).\n\n- **Password-Based Key Derivation**  \n  Uses PBKDF2 with HMAC-SHA256 and 100 000 iterations to derive a 256-bit AES key from the user’s passphrase, resisting brute-force attacks.\n\n- **Optional Free-Space Wipe**  \n  Overwrites all available free space in the app’s sandbox directory with 1 MiB random-data files (twice), then deletes them.\n\n- **Minimal Permissions**  \n  Only requires full file-access permission (`MANAGE_EXTERNAL_STORAGE` on Android 11+, or `WRITE_EXTERNAL_STORAGE` on older OS versions) for operation within the app’s own sandbox.\n\n- **Lightweight, Open-Source**  \n  No background services. All code runs in a single Activity + Fragment architecture. Easily auditable and modifiable.\n\n---\n\n## Usage\n\n1. **Install** the APK on your Android device.  \n2. **Grant** the storage permission when prompted.  \n3. **Select “Shred File”**, choose one or more files within the app’s sandbox view, and enter your passphrase.  \n4. The app will **encrypt \u0026 delete** each file, then ask whether you’d like to wipe free space.  \n5. If you agree, the app will **overwrite free space** with random data, then clean up.\n\n---\n\n## Architecture \u0026 Implementation\n\n- **MainActivity**  \n  - Displays storage statistics.  \n  - Launches `FileExplorer` (Fragment) for file selection.  \n  - Orchestrates the shred-and-wipe workflow via `CryptoEraseController`.\n\n- **CryptoEraseController**  \n  - Prompts for passphrase.  \n  - Calls `CryptoUtils.encryptFileInPlace()` for each selected file.  \n  - Deletes the encrypted file.  \n  - Optionally invokes `WipeUtils` to overwrite free space.\n\n- **CryptoUtils**  \n  - Implements in-place encryption without temporary files.  \n  - Logs key events (password length, file sizes, salt/IV values) to Logcat for debugging.\n\n- **WipeUtils**  \n  - Provides both silent and feedback-driven free-space overwriting routines.  \n  - Writes 1 MiB dummy files until the volume is full (caught via exception), repeating twice.\n\n- **FileExplorer**  \n  - Simple `RecyclerView`-based file browser rooted at `filesDir`.  \n  - Allows directory navigation and per-file “CryptoShred” buttons.\n\n---\n\n## Bachelor Thesis Context\n\nCryptographicEraser was developed as part of a Bachelor’s thesis in Computer Science at FernUniversität in Hagen. The thesis investigates:\n\n- Modern challenges in data sanitization on flash-based storage, focusing on mobile devices.  \n- Comparative security of encryption-based shredding vs. overwriting strategies.  \n- Usability considerations for mobile secure-delete tools.\n\nThe full thesis document, including design rationale, and security analysis, is available (in German) upon request.\n\n---\n\n## License\n\nThis project is released under the MIT License. Contributions and improvements are welcome!\n\n---\n\n**FernUniversität in Hagen** | Bachelor’s Thesis in Computer Science  \nCryptographicEraser © 2025 by Fabian Kozlowski  \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fratk87%2Fcryptographiceraser","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fratk87%2Fcryptographiceraser","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fratk87%2Fcryptographiceraser/lists"}