S.S.E. File Encryptor - Format Specifications
(format version 4)

File Encryption Format

*A - Compression: Zip64 archive; DEFLATE or "store only"; CRC32 for each file within archive;
*B - Encryption: Chosen algorithm in CTR mode;
*C - Random data block: Random characters ("a-z" and "0-9" only); Quick password verification;
*D - MAC: BLAKE3 in authentication mode; 256 bits; Encrypt-then-Authenticate;
*E - Version: Format version = 4;
*F - Algorithm Codes:
• 0 = AES (256 bit)
• 1 = RC6 (256 bit)
• 2 = Serpent (256 bit) : (Bouncy Castle "Tnepres" implementation)
• 3 = Blowfish (256 bit)
• 4 = Twofish (256 bit)
• 5 = GOST28147 (256 bit)
• 6 = Blowfish (448 bit)
• 7 = Threefish (1024 bit) : (for PRO version)
• 8 = SHACAL-2 (512 bit) : (for PRO version)
• 9 = Paranoia C4 (2048 bit) : (for PRO version - cascade of Threefish–Serpent–AES–SHACAL2)
*G - Custom KDF parameters: related to Argon2id; lower 4 bits for t parameter multiplier; higher 4 bits for m; t = tbase * 2^multiplier;

Key Derivation Function

• STEP 1: HKDF(password)
(Skein-1024 based HKDF; Stored in device's RAM during session; 2048 bits;)
• STEP 2: Argon2id(STEP 1, salt)
(New run (new salt) for every single encryption operation; 2048 bits;)
• STEP 3: 3 x HKDF(STEP 2)
(SHA3-512 based HKDF; For encryption key, authentication key (256 bits), and nonce;)

Notes:
• For cascaded algorithms, a longer key and nonce is generated in step 3, which are then split to get unique key and nonce for each algorithm.
• Characters that are not from ASCII range 32-126 are converted to unicode code point numbers (for example: password "contraseña" equals "contrase241a").

Argon2id Base Parameters:
t = 10
m = 10240 kB
h = 4

S.S.E. 1.8.0+ Argon2id Parameters Modifiers:
t: 0001b ⇒ t = 10 * 2^1 = 20
m: 0001b ⇒ m = 10240 * 2^1 = 20480 kB

Implementations


Version 5 Draft Notes


<< Other Specifications