Hi,
I want to create an encrypting file system like EFS using minifilter.
I will be encrypting the files block by block using some chaining mode
within a block. So if a read/write request comes at some offset within the
block, how am I supposed to go about doing it because for
encrypting/decrypting I need the whole block.
What I feel is that I will have to first read the whole respective
blocks, encrypt/decrypt it, get the asked data from the encrypted/decrypted
blocks and complete the request.
Is this approach correct or is there some other way?
Dhirendra
> Is this approach correct or is there some other way?
Absolutely. If you look at the storage stack you will see that this read/modify/write paradigm crops up all over the place. In practice if you pick your block size carefully you can avoid doing too much of this. For instance if you make it sector sized. Alternatively you could make it paged size, and then you’d only need to worry about alignment in the noncached path.
Of course, depending on your encryption mechanism EOF will also be problematic in the non cached case…
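The read/modify/write pattern discussed above, as an added user-mode example that is not part of the original thread and is not minifilter code. The names (`enc_read`, `enc_write`, `rmw_reads`), the in-memory `disk` buffer, the 512-byte block size and the placeholder transform are all assumptions made for illustration; the transform is not real encryption.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define BLK 512u                  /* assumed cipher block size = sector size */
static uint8_t disk[8 * BLK];     /* constructed stand-in for on-disk ciphertext */
static unsigned rmw_reads;        /* extra block reads forced by partial-block writes */
/* Placeholder chained transform, NOT real encryption: stands in for a cipher
   that, as in the thread, is only applied to a whole block at a time. */
static void blk_encrypt(uint64_t b, const uint8_t *in, uint8_t *out) {
    uint8_t prev = (uint8_t)(b * 31u + 7u);
    for (size_t i = 0; i < BLK; i++) { out[i] = in[i] ^ prev ^ 0x5A; prev = out[i]; }
}
static void blk_decrypt(uint64_t b, const uint8_t *in, uint8_t *out) {
    uint8_t prev = (uint8_t)(b * 31u + 7u);
    for (size_t i = 0; i < BLK; i++) { uint8_t c = in[i]; out[i] = c ^ prev ^ 0x5A; prev = c; }
}
static int bad_range(uint64_t off, size_t len) {
    return len == 0 || off >= sizeof disk || len > sizeof disk - off;
}
/* Part [lo,hi) of block b that the request [off, off+len) covers. */
static void span(uint64_t b, uint64_t off, size_t len, size_t *lo, size_t *hi) {
    uint64_t s = b * BLK, e = off + len;
    *lo = off > s ? (size_t)(off - s) : 0;
    *hi = e < s + BLK ? (size_t)(e - s) : BLK;
}
/* Read at any offset: widen to whole blocks, decrypt each, copy out the slice. */
int enc_read(uint64_t off, size_t len, uint8_t *dst) {
    uint8_t plain[BLK]; size_t lo, hi;
    if (bad_range(off, len)) return -1;
    for (uint64_t b = off / BLK; b <= (off + len - 1) / BLK; b++) {
        span(b, off, len, &lo, &hi);
        blk_decrypt(b, disk + b * BLK, plain);
        memcpy(dst + (b * BLK + lo - off), plain + lo, hi - lo);
    }
    return 0;
}
/* Write at any offset: a partially covered block is read and decrypted first,
   patched, then re-encrypted whole; a fully covered block skips the read. */
int enc_write(uint64_t off, size_t len, const uint8_t *src) {
    uint8_t plain[BLK]; size_t lo, hi;
    if (bad_range(off, len)) return -1;
    for (uint64_t b = off / BLK; b <= (off + len - 1) / BLK; b++) {
        span(b, off, len, &lo, &hi);
        if (hi - lo < BLK) { blk_decrypt(b, disk + b * BLK, plain); rmw_reads++; }
        memcpy(plain + lo, src + (b * BLK + lo - off), hi - lo);
        blk_encrypt(b, plain, disk + b * BLK);
    }
    return 0;
}
```

The `rmw_reads` counter only grows for requests that cover part of a block, which is why a block size matched to the I/O alignment keeps the extra reads rare.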
Thank you for your reply.
Hi Rod,
On Tue, Feb 15, 2011 at 3:10 PM, Rod Widdowson wrote:
> > Is this approach correct or is there some other way?
> Absolutely. If you look at the storage stack you will see that this
> read/modify/write paradigm crops up all over the place. In practice if you
> pick your block size carefully you can avoid doing too much of this. For
> instance if you make it sector sized. Alternatively you could make it paged
> size, and then you’d only need to worry about alignment in the noncached
> path.
>
Thanks for these comments. Actually, I read up a lot of EFS architecture
material available online, and found that what I need to do is quite similar to
what EFS already does (basically the encrypting file system we’re designing
has some additional key management features over EFS but the basic file
encryption / decryption mechanism is same). So I was wondering if you are
aware of some lower-level implementation details about the EFS driver and
EFS FSRTL modules.
> So I was wondering if you are aware of some lower-level implementation details about the EFS driver and EFS FSRTL modules.
I don’t have source access - others here do and might be able to comment.
My observation is that EFS is deeply embedded inside NTFS and that there is a private API up into usermode which will bite you when you least expect it.