NANO.NOQ is a very small binary container format for AES-GCM keys. The entire implementation is inside a single HTML file using WebCrypto (no backend, no external dependencies).
The .noq file format is simple: - header (“NOQ1”) - key length (2 bytes) - raw AES-256-GCM key - a 4-byte integrity slice (from SHA-256(key)) - 32 bytes of random padding
The project does NOT add new cryptography on top of AES-GCM. It's purely an experiment in designing a file format for storing keys separately from ciphertext without copy/paste.
There's also a mutation step for Base64URL ciphertext, but it is obfuscation only and not meant as a security layer.
I’m not a professional programmer — I built this with AI assistance as a way to learn about key storage formats, integrity fields, and browser-based crypto workflows.
Feedback, corrections, and criticism are very welcome.
_jzlw•2mo ago
2. Consider using an actual checksum like CRC-32 rather than a truncated hash if your intent is to detect data corruption (see https://stackoverflow.com/a/72580031)
3. Obfuscation is a fool's errand; as you said, it provides no security, but therefore it also serves no purpose except to give a false sense of security, which is often more dangerous than none at all. Actual private key container formats (like PKCS#8 and #12) allow for encrypting the key with a passphrase, which is something you might consider instead.
4. "AES-GCM keys" are not a thing; they're just AES keys (which are just random bytes of a set length).