• caglararli@hotmail.com
  • 05386281520

Is my encryption format secure?

Çağlar Arlı      -    19 Views

Is my encryption format secure?

I am looking to implement a secure passphrase-encrypted file format for a specific use case. The file format consists storing a randomly generated salt and IV along with the cipher text and a MAC to verify the file has not been altered.

Diagram of format

Encrypted format

The following steps will be performed when encrypting information:

  1. A randomly generated salt and IV will be created and stored in the file.
  2. A user passphrase will be processed into a 64-byte key using Argon2ID as a KDF.
  3. A cipher key & MAC key will be derived from the KDF key.
  4. The plaintext will be encrypted using a ChaCha20 cipher and stored into the file.
  5. The salt, IV, and cipher text will be passed through a Poly1305 MAC and the result will be appended to the end of the file.

When decrypting the file, the passphrase & salt will go through the Argon2ID KDF to generate the cipher and MAC key. First, the MAC will be verified and then the cipher text will be decrypted. Does this file format keep the plaintext information secure? Are there any oversights in the design of this encryption mechanism?