Design an encrypted key-value store with login

Prompt

Design a small key–value store that supports user login and ensures values are encrypted at rest using a user-provided password.

You may assume this is a standalone service/library (language-agnostic) and you can use standard cryptographic primitives from a library (you do not need to implement AES/SHA yourself).

Requirements

1. Authentication / login
   • Users can register and then log in with a password.
   • The system must not store plaintext passwords.
2. Encrypted-at-rest values
   • put(key, value) stores the value such that if the database/file is leaked, values are not readable without the user’s password.
   • get(key) returns the decrypted value for an authenticated user.
3. Basic API surface (suggested)
   • Register(username, password)
   • Login(username, password) -> session/token
   • Put(session, key, value)
   • Get(session, key) -> value
   • Optional: Delete(session, key) / ListKeys(session)
4. Threat model / constraints
   • Assume an attacker can obtain the underlying storage (DB/file) but not the running process memory.
   • Consider common pitfalls (e.g., deterministic encryption, IV reuse, password hashing vs encryption keys).

What to provide

• A high-level design (data model + flow) showing how you would store:
  • user credentials
  • encrypted values
  • any metadata needed for decryption
• A description of cryptographic choices and why they are safe.
• Key edge cases (password change, corruption, wrong password, multi-user isolation).