7.1.1 Technical Details

The encrypted file is not pure ciphertext. First comes a magic string; this is currently the sequence "ctx" and a byte containing 1 (the version number of cipher). This is followed by the null-terminated name of the encryption algorithm, and the rest of the file contains the ciphertext.

The plaintext is encrypted in CBC mode. The initial value for the feedback is always set to a block filled with the letter 'A', and then a block of random data is encrypted. This garbage block will be discarded on decryption. Note that the random data is not generated in a cryptographically secure way, and this may provide a tiny foothold for an attacker.

After the random block is generated, the magic string, length of the original file, and original filename are all encrypted before the file data is finally processed. Some extra characters of padding may be added to obtain an integer number of blocks. This padding will also be discarded on decryption. Note that the plaintext file will be completely read into memory before encryption is performed; no buffering is done. Therefore, don't encrypt 20-megabyte files unless you're willing to face the consequences of a 20-megabyte process.

Areas for improvements to cipher are: cryptographically secure generation of random data for padding, key entry, and buffering of file input.