Windows Nt's Drive-level Encryption And Decryption Technology Research And Implementation

Data security of WindowsNT system has been the focus of application research for a long time.although a kind of method have been used to protect data in windows file system from sniffing,cracker can always find the way to get the data they want.Encryption is the main measure of data protection,but almost all the process of file encryption in the application layer can be monitored and the cracked.So,the reliability of encryption software in the Application layer has been greatly reduced.If we use hardware to do encryption,the reliability can be guaranteed, but it cost more money and not easy to handle.There is a lot to be said for the Driver-Level encryption. Either It is unlike application layer software can be easily cracked,or it is easier to handle than the other two encrypt operation.It run in the background,auto encrypt/decrypt the files,in which secret was keeped.It simplify operation to encrypt/decrypt file,and avoid data leakage which is caused by the bad operation by this users without experience.Author mean to design a filter software working in Windows kernel.The software has several major functions:one is monitoring file system's operation,the other is doing transparent encryption and decryption for User-specified files,another is providing file access control subsidiary.Although the principles of drive-level encryption software are not complicated,in the condition WindowsNT is a no open source OS,it is a lot different to make drive-level encryption software available.In this article, author analysed the principle of filter driver firstly,then Then designed a program frame according to principles.Fina- lly,author did a implement for the design.Author had encountered many of problems in the implementation, such as how to coperate IRP, identify the location of encryption, caching file data, choose encryption algorithm, etc. Author compared and analyzed the existing solutions, not only draw on the previous point,but also raised own solutions.Finally,author made a simple test for program from effectiveness, stability and efficiency,and get some preliminary conclusions about drive-level encryption technology.