I’ve published draft specs for the next two versions of the RNCryptor format. I split it into two versions because the v3.1 changes are backward compatible while the v4.0 changes are not. Updating the ObjC implementation to v4.0 may take a little while, because I plan to also update the API at the same time. I can probably get a new version that handles v3.1 pretty quickly.
Comments on these drafts are highly encouraged.
v4.0 is a more radical change to the format. Rather than randomly generating the IV, encryption key, and HMAC key, it derives these from a single master key and a random salt using a KDF. For key-based encryption, this is HKDF. For password-based encryption, this is PBKDF2 and HKDF. It also adds a validator that can be used to quickly verify that the key/password is correct before processing the entire file (this also differentiates between incorrect password and most corruption errors; previously the caller could not differentiate these error conditions).