FIGURE 13 sets out in sequence the constituent elements
of a reconstitution header 1250 within a reconstitution file 0270. The header contains many
items, but their cumulative length in the preferred embodiment is under 128 bytes. There are
nine elements or groupings in the reconstitution header 1250.
The first grouping is a set of 15 random bytes 1310 for
use in encryption. The reconstitution file 0270 is subjected to a standard form of encryption
2160 using for its key less than the maximum number of bits (currently 40) allowed under the
United States Bureau of Export Administration for what is termed "light" encryption. The
actual key can be hidden in, derived, and calculated from a set of 15 random bytes 1310 at
the beginning of the reconstitution header 1250.
The reconstitution file type 1320 is indicated by a one
byte ASCII flag containing one of three letters: M= Master 1211, B= Backup 1212, D=
Distribution 1213.
The computer identifier code 1330 within the
reconstitution header 1250 holds eight binary bytes 0922 generated by the one and only
computer that is authorized to handle this specific reconstitution file 0270. Other
(even many) computers 0920 may access the same privacy protected archive, but each computer
must have its own specially tailored copy of the reconstitution file 0270.
Thirty bytes (up to 29 characters and a terminal null
character) are set aside for the password 1340 required to restrict access to this file
to authorized users. In the preferred embodiment, alphabetic letters and digits are
retained from the password 0330 specified by the user; all punctuation and other characters
are collapsed out. The same logic is used behind the scenes both for initial capture of
the password, and for situations where the password must be given. Hence there is no impact
on the user. Note that blank passwords are permitted, on the basis that "my computer is my
password" where reconstitution files are disguised in computer-specific ways.
