Field-Level Encryption for FlatBuffers
AES-256 encryption with HD wallet key derivation, meeting federal data-at-rest requirements
Capabilities
Field-Level Encryption
Encrypt individual fields within FlatBuffer records. The binary structure stays intact so upstream code can read encrypted values without schema changes.
HD Wallet Key Derivation
Keys derived from BIP-39 seed phrases using HKDF-SHA256. Each field can have its own derived key for granular access control.
High Performance
Generate and encrypt 1 million records at 50+ MB/s using WebAssembly. Streaming export avoids memory accumulation.
Zero Server Dependency
All cryptographic operations run client-side in the browser. No data leaves your device unless you explicitly export it.
Cryptographic Implementation
Federal Compliance Standards
This implementation uses cryptographic algorithms approved for protecting federal data at rest:
CNSA 2.0
Commercial National Security Algorithm Suite 2.0 mandates AES-256 for all National Security Systems. Quantum-resistant algorithm support required by 2025.
View PDF →SP 800-111
Guide to Storage Encryption Technologies for End User Devices. Endorses AES-256 for data at rest with proper key management.
View Publication →140-3
Security Requirements for Cryptographic Modules. AES-256 is approved for all security levels (1-4) in federal cryptographic modules.
View Standard →STIGs
Security Technical Implementation Guides require FIPS 140-validated AES encryption for protecting CUI and classified information.
View STIG Library →wasm/openssl-fips/ for build instructions and the validated cryptographic module.
Use Cases
Defense & Intelligence
Field-level encryption for mission data with per-user key derivation and need-to-know access control.
Healthcare (HIPAA)
Encrypt PHI fields while leaving non-sensitive metadata readable for indexing and routing.
Financial Services
Protect PII and transaction data at rest with audit-ready key management from HD wallets.
Zero-Trust Architectures
Data remains encrypted until the authorized recipient decrypts with their derived key.
Public Key Infrastructure
Alice encrypts data with Bob's public key. Only Bob can decrypt with his private key.
Field-Level Encryption
Generate FlatBuffer records and visualize individual field encryption using Alice/Bob keys
Bulk Generation
Generate up to 1 million FlatBuffer records - encrypted or plain
Export to File (Memory Efficient)
Generate records and download directly - no memory accumulation.
Import from File
Upload an .efbs file to decrypt and verify records.
Generate in Memory (Small Datasets)
Generate records in memory for inspection. Best for <10,000 records.
Schema Viewer
View FlatBuffers schema (.fbs) and equivalent JSON Schema
.fbs Schema
JSON Schema
Convert JSON ↔ FlatBuffer
JSON Input
Hex Input (FlatBuffer)
Streaming Dispatcher
Route mixed FlatBuffer messages to ring buffers by type
Cryptographic Identity
Generate a vCard with your public keys for secure sharing
FlatBuffer Studio
Create schemas, generate code, and build FlatBuffers in the browser
Files
Schema Definition
Parsed Structure
Item Editor
Preview
// Schema preview will appear here...
Generated Files
Generated Code
// Generated code will appear here...
Data Entry
Buffer Output
Decoded JSON
Build or upload a buffer
WASM Compiler (flatc)
Run flatc in the browser or Node.js
Encryption Module (WASM)
AES-256, X25519, secp256k1, P-256, Ed25519