The repository is organized as a sequence of variable-length records, broken down into 512 MB chunks for the purposes of synchronization with a planned cloud storage. Each record is encrypted with a 256 bit AES cipher in EAX mode, with the logical file offset as IV.
Each backed up file is encrypted with a randomly generated key, stored in a corresponding snapshot record. Snapshot records, as well as other system records such as thumbnails and index records, are encrypted with the master key generated when the repository is created. Under this scheme it will be possible to add file sharing capabilities in the future without compromising security of the rest of the archive.
To be continued...