Secure Encrypted Database System A Multi-Layer Cryptographic Approach to Local Data Security

This paper presents the design, implementation, and security analysis of a command-line encrypted database system developed in Python. The system addresses the need for lightweight, locally-deployed secure data storage without reliance on external infrastructure. It employs a three-layer cryptographic architecture: file-level encryption using Fernet with PBKDF2-HMAC-SHA256 key derivation, record-level encryption with unique per-record keys derived from a random salt and sixteen master keys, and credential protection using salted PBKDF2 hashing at 600,000 iterations. The system is modularised across eleven Python files following separation of concerns, achieves O(1) record access via a binary index, and parallelises encryption and decryption using Python's ThreadPoolExecutor. Security analysis demonstrates resistance to rainbow table attacks, ciphertext correlation attacks, and offline brute-force attempts. Performance benchmarks show sub-second response times for individual record operations and linear scaling for bulk insertion. The system represents a practical model for applying layered cryptographic principles to local data management.