Redesign defaultKeyEncrypter to use modern encryption.

[nanov]

Currently the defaultKeyEncrypter which is used to encrypt persisted keys is using deprecated createCipher method.

This results in weaker encryption. Migrating the encryption into some modern one would involve changing the keys files format, so a convertor should be written in order to migrate old ones to new ones, as well as some kind of metadata in the new format in order to assure correct keys file version.

TODO:

• Discuss and decide the new keys format (maybe a binary one with metadata as first few bits)
• Implement encryption and decryption with the newly decided format, plus version and corruption checking.
• Write a tool to upgrade v1 ( current ) files to v2.