For more Details of Encryption see Encryption
before version 5.99a
File Structures and Encryption Technique 5.99a and later
- The data file (Plain text) is loaded into the
- An SHA digital signature is obtained and placed at the start of the
- The combination of SHA and plain text is compressed and the four
bytes indicating file size are placed at the beginning of the file.
- Encryption is now applied in six stages.
- Step 1: The password is obtained and to are added 10 characters
randomly dependent on the time Windows has been running (Initialisation
- Step2: The compressed plain text is encrypted with Blowfish using
the initialisation Vector as password. This helps to hide the known
plain text of the pkzip header. This is fast. (encrypt 1)
- Step3: An array of 256 characters is mixed with the password and
Initialisation Vector is set up (KEY).
- Step 4: The compressed file is XORed with the key. (encrypt
- Step 5: The characters are then XORed with its neighbour starting
from higher positions to the lower positions. This will prevent any
possibility of obtaining any of the original text by XORing with
other Plain text XORed with the same password. (encrypt 2a).
It also hides the pkzip header of known text.
- Step 6: The character positions of the encrypt 2 text are mixed
using the values in the key array (encrypt 3).
- Step 7: If a third password of 16 bytes in size is present then
upto 400,000 characters is encrypted by using AES with a 16 byte
- The process of steps 1 to 6 can be repeated if a second password
is used. (encrypt 4 & encrypt 5).
See page 22.
- Step 7: The Plain text is now encrypted. A digital signature of
this is attached to the beginning of the file.
- The file is now ready to be sent or left on the hard disk (SHA
File Structures and De-cryption Technique 5.99a and later
Decryption is a simple process and involves several steps.
- Step 1: The digital signature at the beginning of SHA
encrypted file is checked with the digital signature of encrypt
4/5. Encrypt 4/5 is separated from SHA encrypted file
and the de-cryption process begins.
- Step 2: The Initialisation Vector is obtained from
the encrypted file.
- Step 3: The password is obtained and to are added the initialisation
- Step 4: An array of 256 characters is mixed with the password and
Initialisation Vector (state array).
- Step 5: An array of mixing position values is created. This process
has large memory requirements.
- Step 6: The mixed characters are unmixed using the mixing position
- Step 7: The characters are then XORed with its neighbour starting
from lower positions to the higher positions.
- Step 8: The characters are then XORed using the array created with
the help of key..
- step 9: Blowfish decryption is then used applying the Key as
- Step 6: The de-crypted text is de-compressed. This now consists of
Plain Text and SHA digital signature.
- If a third password of 16 bytes in size is present then upto 400,000
characters is encrypted by using AES with a 16 byte key after applying
steps 1 to 6
- If there are two passwords then steps 1 to 6 are applied twice.
- Step 7: The de-compressed data is separated from the SHA digital
signature. The digital signature is compared with the digital signature
of the plain text. If the digital signatures match then we have the
The code for the encryption/decryption
AES 16 Byte key follows:
Encryption Procedure (5.99a and post)