ECB, CTR ("Counter"), EAX and GGM are all modes of operation for block ciphers. This Wikipedia page
http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation
provides a good overview of the different modes, and why ECB is a bad choice.
Ok, yes, KryptOn 1.0 is using ECB mode. This is very easily changed, though; the method is BlockCipher>>#makoEncrypt:.
(I was particularly struck by the spectacular failure of ECB mode to encrypt the sample image!)
That surprised me too, but then, thinking about it, it makes sense because all the background pixels are the same color; therefore they are encrypting to the same bits. So the background color changes but the "disturbed" pixels (other than the background color) are causing the original shape of the original image to show through.
With specific reference to a Mako signed-sealed envelope, probably the best thing to do is to perform the public-key signing operation on the original data, and then encrypt-and-MAC the signed data as a separate step. The thing to do is to change the way envelopes are sealed (the signing process can be left alone) to be an encrypt-and-MAC operation rather than a simple encrypt-only operation with no integrity protection. For instance, Rijndael in EAX or GGM mode would do nicely for the enciphering step.
Ok, if this is the right thing to do then I will try to make these changes.
Another thing to watch out for is the key-exchange protocol, which can be really sensitive.
Ok, if you have any suggestions please let me know here on the cryptography list.
Regards, Chris