ifarqhar@sunb.mqcc.mq.oz.au (Ian Farquhar) (01/15/91)
In article <6145@berry12.UUCP> kutem@rtsg.mot.com (Jon Kutemeier) writes: >I am looking for two things: > >1) How would I alter the bootblock on my harddrive so that it would > execute a password protection program upon booting (the program > would also reside on the boot partition)? Last time I asked tech support, they told me that a HD bootblock is never read, so the answer could be either very easy (because it isn't worth doing), or very hard ('cause you're in for some heavy hacking.) This is backed up (no pun intended) as a boot-block virus has never, to my knowledge, infected a hard disk. >2) Does anyone have the algorithm for a fairly secure encryption > program (as optimal as possible :) )? DES is around. Try typing in the source in Andrew Tanenbaum's "Computer Networks." DES is moderately secure, in that although the NSA (or whoever) can almost certainly break it, most people cannot. However, if by "optimal" you mean fast, forget software implementations of DES. They are notoriously slow. This slowness was one of the reasons UNIX uses DES to encrypt its passwords. What else? RSA or variant. Again, it will be slow, and you will need to do a huge amount of integer math on numbers hundreds of digits in size, and again it is almost certain that the powers-that-be have a fast way of factorising primes (which makes this system quite open to attack.) However, if you are wanting an easy encryption method that could be coded in little time, have a look at the German enigma machine (also used in the UNIX crypt (1) command.) Very simple to implement as arrays of indexes into other arrays, and could be very fast. As the NSA is too paranoid to let this simple encryptor loose on the rest of the world (as everyone knows that a non-US citizen is a terrorist in the pay of Iraq, the Soviet Union or the boggie-man), then they don't ship it with UNIX outside the US. As such, there are lots of clones, and sources shouldn't be too hard to find. The enigma machine is reasonably secure, though any serious cryptography expert should be able to crack it moderately easily. -- Ian Farquhar Phone : 61 2 805-9400 Office of Computing Services Fax : 61 2 805-7433 Macquarie University NSW 2109 Also : 61 2 805-7420 Australia EMail : ifarqhar@suna.mqcc.mq.oz.au
kutem@rtsg.mot.com (Jon Kutemeier) (01/16/91)
I am looking for two things: 1) How would I alter the bootblock on my harddrive so that it would execute a password protection program upon booting (the program would also reside on the boot partition)? 2) Does anyone have the algorithm for a fairly secure encryption program (as optimal as possible :) )? Thanks! Jon Kutemeier___________________________________________________________________ ------------------Software Engineer /XX\/XX\ phone:(708) 632-5433 Motorola Inc. Radio Telephone Systems Group ///\XX/\\\ fax: (708) 632-4430 1501 W. Shure Drive, Arlington Heights, IL 60004 uucp: !uunet!motcid!kutemj -- Jon Kutemeier___________________________________________________________________ ------------------Software Engineer /XX\/XX\ phone:(708) 632-5433 Motorola Inc. Radio Telephone Systems Group ///\XX/\\\ fax: (708) 632-4430 1501 W. Shure Drive, Arlington Heights, IL 60004 uucp: !uunet!motcid!kutemj
dej@qpoint.amiga.ocunix.on.ca (David Jones) (01/16/91)
>1) How would I alter the bootblock on my harddrive so that it would > execute a password protection program upon booting (the program > would also reside on the boot partition)? Sorry to say this, but hard drives don't have bootblocks. In a way, that is an advantage because they can't get bootblock viruses. As far as passwords go, your best bet for a secure system would be to write a device that calls hddisk.device (or whatever) and encrypts/decrypts info from a partition other than the boot partition. The encryption key could be derived from a user password. -- David Jones UUCP: dej@qpoint.amiga.ocunix.on.ca Fido: 1:163/109.8
SteveX@omx.UUCP (Steve Tibbett) (01/21/91)
In article <dej.0021@qpoint.amiga.ocunix.on.ca> dej@qpoint.amiga.ocunix.on.ca (David Jones) writes: >Sorry to say this, but hard drives don't have bootblocks. In a way, that >is an advantage because they can't get bootblock viruses. As far as >passwords go, your best bet for a secure system would be to write >a device that calls hddisk.device (or whatever) and encrypts/decrypts >info from a partition other than the boot partition. The encryption >key could be derived from a user password. They don't have bootblocks, they have "RigidDiskBlocks", and that's where the filesystem lives. It would be possible to write an alternate file system to there, and have it load the real file system after some sort of verification - that would be an interesting project. Certainly not one I'd want to get into. -- ...Steve Tibbett...bix=s.tibbett...Plink=STEVEX...BBS=613-731-3419... ...VirusX=4.01...Insert Disclaimer Here...