Devlopment of Hard disk encryption system

Hello guys

I have been assigned to build Hard disk encryption system for windows
2k . Many such softwares exist (drive crypt , securedoc , winmagic ) but
we would like to have our own system .

The aim is to encrypt everything includeing the OS so the encryption will
be low level ( sector level ) .

I would like to ask for the help from you guys on how i should go about
building the system . Especially the Boot Up part . I did read the
previous posts but could not find much info on writing the Bootup system
for such a sytem .

Hoping for some answers …

Thanking you

Vikas Patial
xxxxx@ngcoders.com
http://www.ngcoders.com
http://www.roboticsindia.com

> The aim is to encrypt everything includeing the OS so the encryption will

be low level ( sector level ) .

You cannot encrypt the boot sector and the MBR.

If you want to encrypt the operating system,
you must implement something which will be able
to retrieve the encryption key passphrase
BEFORE the operating system loads
(event before NTLDR starts).
so you must do it while the BIOS reads the Master Boot
Record.

L.

>

You cannot encrypt the boot sector and the MBR.

You can encrypt Boot sector, provided if u have some code in MBR itself to
decrypt it.

Regards,
Satish K.S

> You can encrypt Boot sector, provided if u have some code in MBR itself to

decrypt it.

Eh, well. Encrypting boot sector will also ensure
that the file systems will not try to mount
the volume (precisely said - they will try, but they
fail)

L.

This belongs in NTDEV as it is part of the storage stack and not the file
systems stack. You are incorrect. If done correctly the entire drive can
be encrypted, but the OS will never see the encrypted data. Without the
correct password/keys, the system will not boot. This is not for beginners
as doing this requires a lot of knowledge in several areas - BIOS, boot
drivers, and memory usage by Windows. It also requires very advanced skills
in assembly coding.

“Ladislav Zezula” wrote in message news:xxxxx@ntfsd…
>> You can encrypt Boot sector, provided if u have some code in MBR itself
>> to
>> decrypt it.
>
> Eh, well. Encrypting boot sector will also ensure
> that the file systems will not try to mount
> the volume (precisely said - they will try, but they
> fail)
>
> L.
>
>
>

I would suggest to drop the idea of boot encryption and develop a per-file
system.

Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com

----- Original Message -----
From: “vikas patial”
To: “Windows File Systems Devs Interest List”
Sent: Monday, October 04, 2004 12:25 PM
Subject: [ntfsd] Devlopment of Hard disk encryption system

> Hello guys
>
> I have been assigned to build Hard disk encryption system for windows
> 2k . Many such softwares exist (drive crypt , securedoc , winmagic ) but
> we would like to have our own system .
>
> The aim is to encrypt everything includeing the OS so the encryption will
> be low level ( sector level ) .
>
> I would like to ask for the help from you guys on how i should go about
> building the system . Especially the Boot Up part . I did read the
> previous posts but could not find much info on writing the Bootup system
> for such a sytem .
>
> Hoping for some answers …
>
> Thanking you
>
> Vikas Patial
> xxxxx@ngcoders.com
> http://www.ngcoders.com
> http://www.roboticsindia.com
>
>
>
>
>
>
>
>
> —
> Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17
>
> You are currently subscribed to ntfsd as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com