Format of Encrypted Stream
Encrypted stream is produced by a low-level cipher component, and serves as a basic block for higher-level data structures. For example, Kryptel container's directory is stored as an encrypted stream, and separate encrypted streams are used to store each file's data.
Encrypted stream is a very primitive structure and contains no information about the used cipher or the cipher parameters. The higher-level component should set all the required cipher parameters before starting the encryption (decryption) job. However the way, in which the cipher converts a stream of unencrypted data to the encrypted form and vise versa, is the sole responsibility of the cipher component. Even if the format of the encrypted stream is cipher-specific, all Kryptel ciphers use the same format, with the exception of the null cipher, which simply copies the input stream to the output (the end-user Kryptel product does not allow selecting the null cipher for encryption).
Kryptel ciphers do not impose any limitation on the data format, or on the length of the input stream. Zero length input stream is allowed. Typically, the input stream is compressed data produced by a compressor component.
First step is inserting a random sequence of bytes at the beginning of the stream. The purpose of the random header is to defend against known plaintext attack. The first byte contains the size of the header, and is followed by a random number of random bytes. Kryptel 6.x ciphers insert 1 to 16 random bytes, that is, the header length will be from 2 to 17 bytes. If the header size is divisible by the cipher block size, one more random byte is added.
For example, in case of Blowfish cipher, which has block size 8 bytes, header sizes 8 and 16 are not allowed – the decoration function will add one more random byte to make the header 9 or 17 bytes long correspondingly. Note that in the hypothetical case of a cipher with block size 17, the maximum size of the header will be 18 bytes.
Kryptel 5 used 2 to 33 bytes long headers without block size checking. The difference does not affect decryption because in all the versions the first byte contains the number of bytes to remove.
Second step is stream padding. The cipher pads the input stream with the trailing sequence to the cipher block boundary. If the input stream (including the header) already ends on the block boundary, blocksize trailing bytes will be added. The trailer is a simple sequence of numbers 1,2,3, ... ,n, so that the last byte of the sequence contains the length of the trailing sequence.
If the cipher block size is 8 bytes (64 bits), then the string “O, mama mia” (length=11) may be padded as
05 28 6F 74 81 “O, mama mia” 01 02 03 04 05 06 07 08
After the decoration step the length of the stream is a multiple of the cipher block size. The decorated stream is encrypted using the currently set key and the selected cipher parameters.
The stream is decrypted; the first and the last bytes of the decrypted stream contain the number of bytes to be removed from the beginning and from the end of the stream respectively.