If you had a web page on the host that would decrypt the file names (or files), they could have just stored a copy after your code generated it. Not only that, but they could have trivially captured any password you put into it. That's not a secure system at all if you assume a malicious host like the OP assumes.
Or at least we know he can mock up some convincing looking "screen captures".
Around here, cable internet is absolute crap due to all the students sucking the bandwidth dry. I don't care what they claim to provide speed wise, it was always slow. The connection would also just disappear for over an hour at a time most nights around 10PM. DSL doesn't provide the theoretical rates of cable, but what it does provide is a fixed rate and the phone company, as much as they suck, sucks a lot less than the cable company when it comes to reliability.
If you analyse anything, you destroy it. -- Arthur Miller