(registered 2026-06-26, last updated 2026-06-26)

Media type name: application

Media subtype name: vnd.abdalsecuritygroup.lockbox

Required parameters: N/A

Optional parameters: N/A

Encoding considerations: binary

The format is an encrypted binary container. It may contain arbitrary octet values, including NUL octets, and is not line-oriented.

Security considerations: This media type does not contain active or executable content.

Files of this type contain encrypted Abdal LockBox vault backup data and must be treated as sensitive security material. The file may contain encrypted representations of credentials, vault entries, usernames, passwords, website URLs, notes, and related vault metadata.

The format is intended to provide confidentiality and integrity protection. Implementations are expected to encrypt the payload using an authenticated encryption scheme, such as AES-256-GCM or XChaCha20-Poly1305, and derive encryption keys from an export passphrase using a memory-hard KDF such as Argon2id or scrypt with per-file random salt and stored KDF parameters.

Implementations must verify the file magic number, format version, KDF parameters, salt, nonce, authentication tag, and integrity metadata before accepting or importing a file. Implementations must reject malformed, truncated, modified, downgraded, or unauthenticated files.

The format must not store plaintext vault secrets, plaintext master passwords, plaintext recovery keys, plaintext DEK values, plaintext KEK values, or plaintext credential fields. Importers should avoid leaking detailed parsing or cryptographic error information that could help attackers perform offline attacks.

The media type itself is not executable. However, implementations must treat all parsed fields as untrusted input and must apply normal defensive parsing, length checks, version checks, and cryptographic verification before use.

Interoperability considerations: This format is intended for encrypted backup export and import between compatible versions of Abdal LockBox. Implementations should identify files using the media type, the .ablbx file extension, and the ABLBX magic number.

The file header should include a format version so future versions can maintain backward compatibility. Implementations should reject unsupported versions safely and should not attempt to import files without successful authentication and integrity verification.

Published specification: Abdal LockBox Encrypted Vault Backup Format Specification, version 1.0:
https://github.com/ebrasha/abdal-lockbox/blob/main/docs/ABLBX-FORMAT.md

Applications which use this media: Abdal LockBox uses this media type for encrypted vault backup export and import files. The format is used for files with the .ablbx extension created by the Export Vault feature and consumed by the Import Vault feature.

Fragment identifier considerations: N/A

Restrictions on usage: No restrictions on usage. The format is intended for Abdal LockBox encrypted vault backup files and compatible implementations.

Additional information:

1. Deprecated alias names for this type: N/A
2. Magic number(s): 41 42 4C 42 58 0D 0A 1A 0A ("ABLBX\r\n\x1A\n" at offset 0)
3. File extension(s): .ablbx
4. Macintosh file type code: N/A
5. Object Identifiers: N/A

General Comments: The requested media type is intended to identify encrypted Abdal LockBox vault backup files. The file extension is .ablbx and the recommended filename pattern is:

abdal-lockbox-backup-{yyyyMMdd-HHmmss}.ablbx

The format is designed so that exported files do not contain plaintext vault entries, plaintext master passwords, plaintext recovery keys, plaintext DEK values, plaintext KEK values, or human-readable credential data.

Person to contact for further information:

1. Name: Ebrahim Shafiei, Abdal Security Group
2. Email: Prof.Shafiei&Gmail.com

Intended usage: COMMON

The .ablbx extension stands for Abdal LockBox encrypted backup. Files are generated by the Export Vault feature and imported by the Import Vault feature. The file content is an encrypted, integrity-protected binary container and is not intended to be human-readable.

Author/Change controller: Abdal Security Group
Contact: Ebrahim Shafiei
Email: Prof.Shafiei&Gmail.com
Website: https://github.com/ebrasha