Rdex File Formats

I have been using my cardfile since the early 90's. The application I first used to create the cardfile is gone. The machine the application ran on is long gone. So is the operating system on which the application ran. Even the company that created that operating system has been gone nearly 10 years now. Only the data remains.

Here is a description of each of the Rdex file formats so that when Rdex finally bites the dust it doesn't take the data with it.

Rdex ASCII Format

This is the original cardfile format from back in the early 90's.

In Rdex ASCII format the data is stored as a simple ASCII encoded file with cards terminated by the ASCII "DEL" character "7F" (in hex). There is no header before the beginning of the first card. The last card must end with the "DEL" character. Anything after the final "DEL" character is ignored.

You can edit the data file with Notepad or any other editor that can handle an ASCII file; just be careful of the card separator characters, which will probably display as an empty square.

Rdex UTF-8 Format

ASCII is limited to 128 standard characters plus an additional 128 characters that are dependent on the system locale. This works reasonably well for most western languages based on the Latin alphabet but is clearly unable to express characters from other writing systems. Unicode was developed to address this issue. The UTF-8 format is able to handle all symbols and characters in all writing systems. Characters will not get confused when shared across different computer systems (e.g. Windows and Android).

Rdex UTF-8 format begins with a specific header string:

\b\a\a Rdex UTF-8 Format \a\a\b

where the C escape sequence "\a" is hex 07 and "\b" is hex 08 and the spaces shown between the "\a" characters are the ASCII space character.

The data is stored in UTF-8 format with cards terminated by the ASCII "DEL" character "7F" (in hex). (The first 128 characters of UTF-8 correspond one-to-one with ASCII.) The header is also separated from the first card by the "DEL" character. The last card must end with the "DEL" character. Anything after the final "DEL" character is ignored.

You can convert between Rdex ASCII and Rdex UTF-8 using Rdex Windows. All ASCII files can be converted into UTF-8. Rdex Windows will inform you if there are characters that cannot be represented when converting from UTF-8 to ASCII.
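A reader for the two plain-text formats described above, as an added example that is not part of Rdex itself. The function name, the default code page for the locale-dependent upper 128 characters and the sample data are assumptions made for illustration.

```python
DEL = b"\x7f"
# Header bytes exactly as the page gives them: \b = 0x08, \a = 0x07.
UTF8_HEADER = b"\b\a\a Rdex UTF-8 Format \a\a\b"

def parse_rdex(blob, legacy_codepage="cp1252"):
    """Return (format_name, cards) for an Rdex ASCII or Rdex UTF-8 file."""
    last = blob.rfind(DEL)
    if last < 0:
        raise ValueError("no DEL terminator: not a complete Rdex file")
    # Bytes after the final DEL are ignored, as the format specifies.
    # Splitting on the raw byte is safe for UTF-8: 0x7F never occurs inside
    # a multi-byte sequence (lead and continuation bytes are all >= 0x80).
    records = blob[:last].split(DEL)
    if records[0] == UTF8_HEADER:
        # Strict decoding: malformed UTF-8 raises instead of being replaced.
        return "utf-8", [r.decode("utf-8") for r in records[1:]]
    # No header means the original format; bytes >= 0x80 are locale-dependent,
    # so the code page is a caller-supplied assumption.
    return "ascii", [r.decode(legacy_codepage) for r in records]

# Constructed sample files.
SAMPLE_UTF8 = (UTF8_HEADER + DEL + "Zoë\n555-0100".encode("utf-8") + DEL
               + "日本語".encode("utf-8") + DEL + b"ignored tail")
SAMPLE_ASCII = b"card one\x7fcaf\xe9\x7fignored tail"
```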

Rdex AES-128 Encrypted Format

Rdex AES-128 format is the simplest possible securely encrypted file format. It consists of a plain-text header, a "DEL" character, a random initialization vector (IV), the encrypted data (cyphertext), and a hash-based message authentication code (HMAC).

Rdex AES-128 format begins with the header string:

\b\a Rdex AES-128-1 File \a\b

where the C escape sequence "\a" is hex 07 and "\b" is hex 08 and the spaces shown between the "\a" characters are the ASCII space character. The header is terminated by a "DEL" character.

The initialization vector is a cryptographically random 16 bytes. It will change every time the file is saved.

The Advanced Encryption Standard (AES) with a 128-bit key length is used to encrypt and decrypt the data. It is initialized with the initialization vector and a key derived from the passphrase and used in cypher block chaining (CBC) mode with PKCS5 padding. The internal decrypted encoding of an Rdex AES-128 format file is Unicode. If an Rdex ASCII file is encrypted it will first be converted to Unicode encoding.

The final 32 bytes of the file are an HMAC digest covering the initialization vector and the cyphertext using the SHA-256 cryptographic hash algorithm and an HMAC key derived from the passphrase. This is used as an integrity check to verify that the passphrase is correct and that the file has not been corrupted before proceeding to decrypt the file. If the check fails either the file has been corrupted or the passphrase is incorrect.

Two keys are required to be derived from the passphrase, one for encrypt or decrypt and one for the HMAC integrity check. The passphrase is encoded in UTF-8 and the string "encryption" appended for encrypt/decrypt or "authentication" for the HMAC key. The result is passed through the SHA-256 cryptographic hash algorithm. The first 16 bytes of the result are used for the encrypt/decrypt key and all 32 bytes for the HMAC key.
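The key derivation and the integrity check that runs before decryption, as an added example that is not Rdex's own code. It assumes the HMAC input is the IV followed directly by the cyphertext in file order and that the appended strings are plain ASCII bytes; all function names and the sample are hypothetical. It stops at the integrity check and leaves AES-CBC decryption to a crypto library.

```python
import hashlib
import hmac

DEL = b"\x7f"
# Header bytes as given on the page (\b = 0x08, \a = 0x07), plus the DEL terminator.
AES_HEADER = b"\b\a Rdex AES-128-1 File \a\b" + DEL
IV_LEN, TAG_LEN, BLOCK = 16, 32, 16

def derive_keys(passphrase):
    """Return (aes_key, hmac_key) derived from the passphrase as described."""
    pw = passphrase.encode("utf-8")
    aes_key = hashlib.sha256(pw + b"encryption").digest()[:16]
    hmac_key = hashlib.sha256(pw + b"authentication").digest()
    return aes_key, hmac_key

def split_container(blob):
    """Split a file into (iv, cyphertext, tag), rejecting malformed layouts."""
    if not blob.startswith(AES_HEADER):
        raise ValueError("not an Rdex AES-128-1 file")
    body = blob[len(AES_HEADER):]
    ct_len = len(body) - IV_LEN - TAG_LEN
    # CBC with PKCS5 padding always emits at least one whole 16-byte block.
    if ct_len < BLOCK or ct_len % BLOCK:
        raise ValueError("truncated or misaligned cyphertext")
    return body[:IV_LEN], body[IV_LEN:-TAG_LEN], body[-TAG_LEN:]

def verify(blob, passphrase):
    """True only if the HMAC over IV || cyphertext matches the stored tag."""
    iv, ct, tag = split_container(blob)
    _, hmac_key = derive_keys(passphrase)
    expected = hmac.new(hmac_key, iv + ct, hashlib.sha256).digest()
    # Constant-time comparison avoids leaking how many tag bytes matched.
    return hmac.compare_digest(expected, tag)

def build_sample(passphrase, iv, ct):
    """Assemble a constructed container around placeholder cyphertext bytes."""
    _, hmac_key = derive_keys(passphrase)
    tag = hmac.new(hmac_key, iv + ct, hashlib.sha256).digest()
    return AES_HEADER + iv + ct + tag

# Constructed sample: the 32 "cyphertext" bytes are placeholders, not AES output.
SAMPLE = build_sample("six random words go here", bytes(range(16)), bytes(32))
```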

Rdex AES-128 format is the simplest possible file encryption format. It leaves the level of security in the hands of the user. The level of security is directly related to the length of the passphrase and how easily it is guessed. Today's password crackers can make in the region of a hundred billion guesses per second. At this rate a random 8-character password can be cracked in under six hours. A recent test was able to guess 90% of a 16,000 password collection within 15 hours. I like this idea for generating a random passphrase: use six random five- or six-letter words. Here is a password strength tester to evaluate the strength of a passphrase. (Download the program, or unplug your computer, if you don't trust the Internet.)