AES File Format

AES Crypt reads and writes files in the .aes file format. The file format is easily identifiable by software. Packetizer does not claim exclusive rights to the .aes file format. It may be used in commercial and open source products without any restrictions or costs whatsoever. However, in keeping with the spirit of open source and ensuring that users are always able to read and write .aes files, we would like to request that any other developers of AES file encryption software that produces an .aes file use this file format for the benefit of interoperability.

To date, there are two versions of the .aes file format, which are numbered starting with version 0. The current version of the .aes file format is version 1. Version 1 is what is produced by AES Crypt and contains enhancements to allow the files to be produced in "streaming" mode, which is suitable for use with Linux as part of a backup process, for example, where the tar command is used and output is sent to AES Crypt as standard input (stdin).

The other benefit of version 1 is faster password verification. The password entered by the user is used to encrypt an initialization vector (IV) and 32-octet (256-bit) encryption key, both of which are randomly created. The password can be verified immediately after checking the HMAC that protects this IV and key.

The format for version 1 is shown below.

     3 Octets - 'AES'
     1 Octet  - 0x01 (Version)
     1 Octet  - Reserved
    16 Octets - Initialization Vector (IV) used for encrypting the
                IV and symmetric key that is actually used to encrypt
                the bulk of the plaintext file.
    48 Octets - Encrypted IV and 256-bit AES key used to encrypt the
                bulk of the file
                16 octets - initialization vector
                32 octets - encryption key
    32 Octets - HMAC
    nn Octets - Encrypted message (2^64 octets max)
     1 Octet  - File size modulo 16 in least significant bit positions
    32 Octets - HMAC

Thus, the footprint of the file is at least 134 octets.

Version 0 is no longer written by AES Crypt, though it does have the ability to read files in this format. The format for version 0 is shown below.

     3 Octets - 'AES'
     1 Octet  - 0x00 (Version)
     1 Octet  - File size modulo 16 in least significant bit positions
    16 Octets - Initialization Vector (IV)
    nn Octets - Encrypted message (2^64 octets max)
    32 Octets - HMAC

Thus, the footprint of the file is at least 53 octets.
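
The two layouts above can be split into their fields with a short structural parser. This is an added example, not code from AES Crypt or Packetizer; the names AesContainer, parse_aes_container and plaintext_length are hypothetical. It assumes the encrypted message is padded to whole 16-octet blocks, and it only separates the fields: it verifies no HMAC and decrypts nothing, because the page does not describe how the password is turned into a key.

```python
from dataclasses import dataclass

MAGIC, BLOCK, HMAC_LEN = b"AES", 16, 32
V1_MIN, V0_MIN = 134, 53  # minimum footprints stated on the page

@dataclass
class AesContainer:  # hypothetical name, not from AES Crypt
    version: int
    iv: bytes              # v1: IV for the wrapped IV+key; v0: message IV
    wrapped_iv_key: bytes  # v1 only: 48 encrypted octets (16 IV + 32 key)
    wrapped_hmac: bytes    # v1 only: HMAC protecting the wrapped IV+key
    ciphertext: bytes
    size_mod_16: int
    message_hmac: bytes

    def plaintext_length(self) -> int:
        # Assumption: the message is padded to whole 16-octet blocks and the
        # modulo field counts the real octets in the last block (0 = full).
        pad = (BLOCK - self.size_mod_16) % BLOCK
        return len(self.ciphertext) - pad

def parse_aes_container(data: bytes) -> AesContainer:
    """Split a .aes file into its fields. Authenticates nothing."""
    if len(data) < 4 or data[:3] != MAGIC:
        raise ValueError("missing 'AES' magic")
    version = data[3]
    if version == 1:
        if len(data) < V1_MIN:
            raise ValueError("truncated version 1 file")
        iv, wrapped, wrapped_hmac = data[5:21], data[21:69], data[69:101]
        ciphertext, mod_octet = data[101:-33], data[-33]
    elif version == 0:
        if len(data) < V0_MIN:
            raise ValueError("truncated version 0 file")
        mod_octet, iv = data[4], data[5:21]
        wrapped = wrapped_hmac = b""
        ciphertext = data[21:-HMAC_LEN]
    else:
        raise ValueError(f"unsupported .aes version {version}")
    if len(ciphertext) % BLOCK:
        raise ValueError("message is not a whole number of 16-octet blocks")
    size_mod = mod_octet & 0x0F  # value sits in the least significant bits
    if size_mod and not ciphertext:
        raise ValueError("non-zero size modulo with an empty message")
    return AesContainer(version, iv, wrapped, wrapped_hmac, ciphertext,
                        size_mod, data[-HMAC_LEN:])

# Constructed sample: version 1 header, two zero blocks, size modulo 5.
SAMPLE_V1 = b"AES\x01\x00" + bytes(96) + bytes(32) + b"\x05" + bytes(32)
```

A reader built this way rejects truncated or misaligned input before any cryptographic work starts; the two HMAC fields still have to be checked before the contents are trusted.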