I am working in an Encryption Filter Driver and it works will by using an external application to encrypt the file using a simple encryption algorithm (NOT for each byte) then I make my driver decrypt the file on the fly when any application tries to read the file. And it works very fine, but now I need to use a strong encryption algorithm (Block encryption) and I need to modify the read requests that I got to make it aligned on the block size before the read and decrypt the hole buffers or the MDL then return the only selected bytes that the requester required from my drive, can any one tell me or guide me to any thing that helps, Plz
Do you Yahoo!?
Win 1 of 4,000 free domain names from Yahoo! Enter now.
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Khaled Youssef
Sent: Tuesday, September 07, 2004 4:08 PM
To: Windows File Systems Devs Interest List
Subject: [ntfsd] Block Encryption
Dear all,
I am working in an Encryption Filter Driver and it works will by using an
external application to encrypt the file using a simple encryption algorithm
(NOT for each byte) then I make my driver decrypt the file on the fly when
any application tries to read the file. And it works very fine, but now I
need to use a strong encryption algorithm (Block encryption) and I need to
modify the read requests that I got to make it aligned on the block size
before the read and decrypt the hole buffers or the MDL then return the only
selected bytes that the requester required from my drive, can any one tell
me or guide me to any thing that helps, Plz
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Khaled Youssef
Sent: 08 September 2004 11:20
To: Windows File Systems Devs Interest List
Subject: Re:[ntfsd] Block Encryption
I do not understand what do you mean by counter mode, could you describe
it
in more details,
I revised the link that Rob Linegar posted and I understood the meaning of
the counter mode encryption, but I see that it will have the same problem
that I faced in the normal block encryption in the file pointer alignment to
the blocks’ boundaries
Could you guide me to the steps to align the file pointer to the start of
the block and read it and decrypt it and give it back to the caller or any
sample code will be appreciated,
There is no alignment requirement when using a CTR mode encryption
algorithm.
CTR Mode turns the block cipher into a stream cipher. The counter is an
IV (Initialization Vector) + offset so, to encrypt the nth byte of a
file you would have IV + n as the counter, and a key. You then run the
cipher over the data. Done.
Try to imagine the algorithm is like a file. You simply “seek” into the
stream using the counter as the file position.
Ben Curley
DESlock+ Lead Developer
Data Encryption Systems Ltd.
Silver Street House
Taunton, Somerset
UK
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Khaled Youssef
Sent: 08 September 2004 13:07
To: Windows File Systems Devs Interest List
Subject: Re:[ntfsd] Block Encryption
I revised the link that Rob Linegar posted and I understood the meaning
of the counter mode encryption, but I see that it will have the same
problem that I faced in the normal block encryption in the file pointer
alignment to the blocks’ boundaries
Could you guide me to the steps to align the file pointer to the start
of the block and read it and decrypt it and give it back to the caller
or any sample code will be appreciated,
Thank you all for your great help I got your Idea now and it will really
help me
but I want to be sure from some thing, the byte position will be calculated
using the current file position in the IRP_MJ_READ,
Then what we shall use the information which in the FILE_OBJECT
(CurrentByteOffset) or the info that is in the IO_STACK_LOCATION in the Read
parameters (ByteOffset)? and when they are valid, before the IRP_MJ_READ
request arrives to the File System or in the IRP_MJ_READ completion Routine
?
I use IrpSp->Parameters.Read.ByteOffset.QuadPart. Seems to work for me.
Hope this helps
Paul Delivett
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Khaled Abdulaziz
Sent: 09 September 2004 06:38
To: Windows File Systems Devs Interest List
Subject: Re:[ntfsd] Block Encryption
Thank you all for your great help I got your Idea now and it will really
help me but I want to be sure from some thing, the byte position will
be calculated using the current file position in the IRP_MJ_READ, Then
what we shall use the information which in the FILE_OBJECT
(CurrentByteOffset) or the info that is in the IO_STACK_LOCATION in the
Read parameters (ByteOffset)? and when they are valid, before the
IRP_MJ_READ request arrives to the File System or in the IRP_MJ_READ
completion Routine ?
----- Original Message -----
From: “Khaled Abdulaziz” Newsgroups: ntfsd To: “Windows File Systems Devs Interest List” Sent: Thursday, September 09, 2004 9:37 AM Subject: Re:[ntfsd] Block Encryption
> Thank you all for your great help I got your Idea now and it will really > help me > but I want to be sure from some thing, the byte position will be calculated > using the current file position in the IRP_MJ_READ, > Then what we shall use the information which in the FILE_OBJECT > (CurrentByteOffset) or the info that is in the IO_STACK_LOCATION in the Read > parameters (ByteOffset)? and when they are valid, before the IRP_MJ_READ > request arrives to the File System or in the IRP_MJ_READ completion Routine > ? > > Thanks alot in advance. > > > > — > Questions? First check the IFS FAQ at https://www.osronline.com/article.cfm?id=17 > > You are currently subscribed to ntfsd as: xxxxx@storagecraft.com > To unsubscribe send a blank email to xxxxx@lists.osr.com
