On Thu, 3 Jun 1993, Patrick E. Hykkonen wrote:
This model of using a device driver means that there is going to have to be at least two partitions on the disk: one to boot from, and one to be encrypted. The device driver itself and the operating system can't be on the encrypted disk, because those components must be loaded before the encrypted disk is accessible. Most people are not
Why not have the device driver create a file (possibly of varying sizes) on the hard drive which the encryption device driver then makes look like another drive?!? This is how the compression programs work, seems to me a pretty
Hmm, nix on that, I would have to do some sector remapping, which would not only slow it down and make it more vulnerable, it would just be more crap that I would have to deal with which might crash the thing in the long run. Besides, I think that most people using this would actually PREFER to have more that one partition, with one unprotected. This would allow you to use the setup that I have mentioned before, with one 'fast' partition and one 'secure' partition. You would simply have to make sure that the system was booted from a 'fast' partition. Quick, simple, stuff that you don't have to be a genius to make work. (remember we are talking about protecting non-cypherpunks here as well as us computer gurus) I would like to implement a system in the future which would do compression as well as encryption (are there any good algorithms that just happpen to do both at the same time? Maybe somebody should get on that, it would certainly be useful) and that would require a system like you mention, but I will stay with simple for the first version. -Ryan the Bit Wallah