Data Shield Vault: A Secure Exchange Framework Combining MFA, RSAAES Hybrid Cryptography, and SHA-256-Based Integrity with Role Logging

Abstract

Secure data management has become a critical requirement in modern digital systems due to the rapid growth of sensitive information and increasing cybersecurity threats. Traditional systems mainly rely on single-layer authentication and basic encryption techniques, making them vulnerable to unauthorized access, data breaches, and lack of data integrity. These systems often fail to implement advanced mechanisms such as Multi-Factor Authentication (MFA), secure key management, and proper activity logging. To address these challenges, the proposed system introduces a secure data management framework that integrates MFA with advanced encryption and integrity techniques. The authentication process combines password-based login, biometric verification using OpenCV (Open-Source Computer Vision Library), and One-Time Password (OTP) validation to ensure strong user authentication. For data protection, ChaCha20-Poly1305 is used for efficient and secure encryption, while RSA (Rivest– Shamir–Adleman) and AES (Advanced Encryption Standard) hybrid encryption ensures secure key exchange and data sharing. Additionally, SHA-256 (Secure Hash Algorithm 256-bit) is implemented to maintain data integrity by generating unique hash values. The system also incorporates Role-Based Access Control (RBAC) along with logging mechanisms to monitor user activities such as login, data access, sharing, and downloads, ensuring accountability and traceability. This layered approach overcomes the limitations of traditional systems by providing enhanced security, controlled access, and reliable data protection. The solution is lightweight, scalable, and efficient, making it suitable for realworld applications. It significantly improves data confidentiality, integrity, and security, offering a robust and practical framework for secure digital data management.