The Decryption Process
Although the decryption process is essentially a mirror image of encryption, there are notable differences. Before the message data is read from the message file, the file header must be recovered. This must be followed by a 2 byte data read to allow for the end of the record (line feed and carriage return). The length of the message header (n) must be calculated before decryption can proceed. After the message header has been read, the encrypted data is read in 64k byte blocks as for encryption. As each block is read it is inserted into the message data stream, which takes the form of a single string (character) variable. However, the first block is limited to less than 65,536 bytes, because the message header accounts for the first n bytes of the block. Otherwise the process is the same as for encryption, shown in Figure 3.
After the data has been read, the header must be analysed. Before the header data can be analysed, the embedded keys must be assigned to the various registers, using an identical process to that used for reading the key file during encryption.
The header must be converted from hex pairs to decimal numbers. The first two characters of the header are used to set the decryption mode to either "Stream" or "Hex". The encrypted part of the header is decrypted in the same manner as for the message decryption (described by Equations (5) and (6) below). It is then split into the three elements as described for encryption. The first group of eight characters is used to determine the hash. Characters 9 to 16 are captured as the rotation index for the decryption. The remainder of the header from Character 17 is captured as the original file name of the file before encryption.
Rotation of the registers occurs exactly as shown in Figure 5. Once the registers have been set to the correct value, the hash function is split into four and each part modifies the values of one register via an XOR function, as during encryption.