2.3.1 Encryption

The data of every stream within the storage structure, including the directory streams, is encrypted; the storage structure itself (the hierarchy of storages and streams) is not encrypted.<2>

The substorage is encrypted with the RC2 block cipher, which has a 64-bit block size. The encryption key is derived from the hashed bytes of the operator's password. The key length ranges from 40 bits to 128 bits, depending on the encryption configuration of the local machine. A 40-bit RC2 key is within reach of exhaustive search, so the effective strength of a given package depends on the configuration of the machine that encrypted it, not on the format.

Every stream in the encrypted substorage has a random salt, which is stored in the directory stream of the storage that contains the stream. The salt for a directory stream itself is stored in the directory stream of the parent storage.

Every salt has the default value 0x39, 0x67, 0x13, 0xA7, 0x74, 0x8B, 0x0F, 0x77, 0x91, 0xCD, 0x24, 0x8B, 0xB1, 0xAB, 0xEE, 0x32, which is hardcoded in the package code. Each root storage directory stream uses this standard salt value. Because that value is fixed and public, it adds no per-package variation to the root directory streams; their protection rests entirely on the password-derived key.

Stream data is encrypted and decrypted 1,000 bytes at a time (125 whole 64-bit blocks). A final partial unit is padded at encryption time, and the padding is trimmed at decryption time.

The root encrypted storage (the top-level package version storage that is described in section 2.2.1.1) contains the following directory streams:

  • Stream "Element00000000" is encrypted with the key that was derived from the hashed bytes of the password of the operator.

  • Stream "Element00000001" is encrypted with the key that was derived from the hashed bytes of the password of the owner.

Stream "Element00000001" holds the password of the operator; the password of the owner is never stored. All other streams in the version are encrypted with the operator password key. An owner can therefore recover the operator key from "Element00000001", whereas an operator has nothing in the package from which to recover the owner password.

When the storage is opened, streams "Element00000001" and "Element00000000" are opened with the key derived from the supplied password in order to determine whether the user is the owner or the operator.

The directory stream holds the password information for the storage and maps each physical stream or storage name in the substorage to the name that was specified when the element was created and to the encryption salt for that element.

For example, for a stream named "CollectionProperties", the user would create a directory stream entry named "CollectionProperties" together with the salt value used to encrypt the stream. The encrypted stream itself is written under a physical name of the form "Element" followed by an eight-digit storage number with leading zeroes, and that number corresponds to the stream's entry in the directory stream.

For a substorage named "Substorage", the user would create a directory stream entry named "Substorage" together with a salt value. That salt is used to encrypt the directory stream of the substorage.
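The following Python model is added here as an illustration; it is not the package's code and is not normative. It ties together the mechanism described above: per-stream random salts recorded in the directory stream, the hardcoded default salt on the root directory streams, 1,000-byte passes with padding and trimming, and the owner/operator determination through "Element00000001" and "Element00000000". Where the text is silent, the model makes labelled assumptions: XTEA (another 64-bit block cipher) stands in for RC2, the key is SHA-256 of the UTF-16LE password truncated to 128 bits, the salt seeds a per-chunk CBC IV, padding is zero bytes trimmed back to a length recorded in the directory entry, and the directory stream is encoded as JSON, which also serves as the check that a directory decrypted under the right key. All function and field names are the example's own.

```python
# Added model of the section 2.3.1 scheme (not the package's own code). RC2 is replaced by
# XTEA (also a 64-bit block cipher); KDF, salt use, padding and directory encoding are assumed.
import hashlib
import json
import os
import struct

DEFAULT_SALT = bytes([0x39, 0x67, 0x13, 0xA7, 0x74, 0x8B, 0x0F, 0x77,
                      0x91, 0xCD, 0x24, 0x8B, 0xB1, 0xAB, 0xEE, 0x32])
CHUNK, BLOCK, M, DELTA = 1000, 8, 0xFFFFFFFF, 0x9E3779B9   # 1,000-byte passes; 64-bit blocks

def _mix(v):                                    # XTEA round function, 32-bit arithmetic
    return ((((v << 4) & M) ^ (v >> 5)) + v) & M

def _xtea(k, block, enc):                       # one 64-bit block, k = four 32-bit key words
    v0, v1 = struct.unpack(">2I", block)
    s = 0 if enc else (32 * DELTA) & M
    for _ in range(32):
        if enc:
            v0 = (v0 + (_mix(v1) ^ ((s + k[s & 3]) & M))) & M
            s = (s + DELTA) & M
            v1 = (v1 + (_mix(v0) ^ ((s + k[(s >> 11) & 3]) & M))) & M
        else:
            v1 = (v1 - (_mix(v0) ^ ((s + k[(s >> 11) & 3]) & M))) & M
            s = (s - DELTA) & M
            v0 = (v0 - (_mix(v1) ^ ((s + k[s & 3]) & M))) & M
    return struct.pack(">2I", v0, v1)

def _cbc(key, iv, data, enc):                   # CBC over whole blocks (data is pre-padded)
    k, prev, out = struct.unpack(">4I", key), iv, bytearray()
    for i in range(0, len(data), BLOCK):
        blk = data[i:i + BLOCK]
        if enc:
            prev = _xtea(k, bytes(a ^ b for a, b in zip(blk, prev)), True)
            out += prev
        else:
            out += bytes(a ^ b for a, b in zip(_xtea(k, blk, False), prev))
            prev = blk
    return bytes(out)

def derive_key(password):
    """Assumed KDF: SHA-256 of the UTF-16LE password, cut to the 128-bit maximum key length."""
    return hashlib.sha256(password.encode("utf-16-le")).digest()[:16]

def _iv(salt, n):                               # assumed use of the salt: IV of chunk n
    return hashlib.sha256(salt + struct.pack("<I", n)).digest()[:BLOCK]

def encrypt_stream(key, salt, plain):
    out = bytearray()
    for n, off in enumerate(range(0, len(plain), CHUNK)):
        chunk = plain[off:off + CHUNK]
        chunk += b"\0" * (-len(chunk) % BLOCK)  # 1000 % 8 == 0, so only the tail is padded
        out += _cbc(key, _iv(salt, n), chunk, True)
    return bytes(out)

def decrypt_stream(key, salt, cipher, length):
    out = bytearray()
    for n, off in enumerate(range(0, len(cipher), CHUNK)):
        out += _cbc(key, _iv(salt, n), cipher[off:off + CHUNK], False)
    return bytes(out[:length])                  # trim the padding to the recorded length

def _pack_dir(entries, operator_password=None):
    d = {"entries": entries}                    # assumed directory encoding: JSON
    if operator_password is not None:
        d["operator_password"] = operator_password   # only the owner's directory holds it
    return json.dumps(d).encode()

def _unpack_dir(key, cipher):                   # root directory stream: default salt
    try:   # JSON text never contains NUL, so the zero padding can simply be stripped
        return json.loads(decrypt_stream(key, DEFAULT_SALT, cipher, len(cipher)).rstrip(b"\0"))
    except ValueError:                          # garbage under the wrong key does not parse
        return None

def build_version_storage(owner_password, operator_password, streams):
    """streams: {logical name: bytes}. Returns {physical name: ciphertext}."""
    op_key, package, entries = derive_key(operator_password), {}, {}
    for n, (name, data) in enumerate(streams.items(), start=2):
        physical, salt = "Element%08d" % n, os.urandom(16)   # per-stream random salt
        entries[name] = {"physical": physical, "salt": salt.hex(), "length": len(data)}
        package[physical] = encrypt_stream(op_key, salt, data)
    package["Element00000000"] = encrypt_stream(op_key, DEFAULT_SALT, _pack_dir(entries))
    package["Element00000001"] = encrypt_stream(derive_key(owner_password), DEFAULT_SALT,
                                                _pack_dir(entries, operator_password))
    return package

def open_version_storage(package, password):
    """Try the owner directory first, then the operator directory; returns (role, streams)."""
    key = derive_key(password)
    d = _unpack_dir(key, package["Element00000001"])
    if d is not None:
        role, key = "owner", derive_key(d["operator_password"])  # data streams use operator key
    else:
        d, role = _unpack_dir(key, package["Element00000000"]), "operator"
        if d is None:
            raise ValueError("password is neither the owner's nor the operator's")
    return role, {name: decrypt_stream(key, bytes.fromhex(e["salt"]), package[e["physical"]],
                                       e["length"]) for name, e in d["entries"].items()}
```

Opening with the owner password recovers the operator password from "Element00000001" and then uses the operator key for every other stream; opening with the operator password goes straight to "Element00000000"; any other password fails against both directory streams. The two root directory streams are the only ones that sit under the default salt, which is why they can be tried before any directory entry has been read.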