- The encryption key is stored in plain
.keyfile (risk of theft). - If
encryption_key.keyis lost, data cannot be decrypted. - No authentication or integrity protection included.
- Use password-based key derivation (PBKDF2/Argon2).
- Store keys securely (e.g., HSM, Vault, environment variables).
- Add file integrity (MAC).
- Consider stronger algorithms (AES-GCM).