Cryptographic Software for INFOSEC under Windows®
This material is presented through the courtesy of Cerberus Systems, Inc. It is excerpted from the section that I authored for the online help file of DOCUMENT SECURITY MANAGER v1.2 entitled: "Cryptosystem Usage Guidelines." Time permiting, I hope to expand it into a broader tutorial as I did with Al's WinSock Tuning FAQ. As long as you include the copyright notice, you may use portions of its content for any no-fee purpose except posting on another web site. Neither I, nor Cerberus Systems, Inc. can assume any liability for your use of its contents.
The Windows® family of personal computer operating systems are the most widely employed operating systems in the world. However, they were not designed for security, nor were the IBM®-compatible personal computers on which they run.
The DOS/Windows® architecture makes it fundamentally impossible for any software to deny a knowledgeable attacker access to a PC's system resources. Consequently, as many security professionals are quick to point-out, add-on products cannot transform a Windows® PC into a secure system. However, it is possible to cryptographically control access to your data. Unfortunately, this requires more than is provided by many commercial encryption products.
Effective encryption obviously requires strong (export-controlled) ciphers, performed by a securely implemented cryptographic engine that meets the applicable standards for such ciphers, for their secure implementation, and for their secure modes of use. Clearly, there are many products which do not meet such standards. (See Matt Curtin's Encryption Snake Oil FAQ for tell-tale clues to identifying them.) However, even products that meet such standards can be inadequate, since the cryptographic engine must also be combined with secure key-generation and access control functions into a high-grade cryptosystem.
A high-grade cryptosystem must be designed "from the ground up" to meet the Security Requirements for Cryptographic Modules (FIPS PUB 140-1), so as to not leak keying information or commit the other sins of implementation covered by its extensive Derived Test Requirements. In addition, the design must not purchase your data's confidentiality at the expense of its integrity or its availability. (For example, power transients or system crashes in mid-encryption must not damage your data. Encryption must also not interfere with back-up software.) However, even such a cryptosystem is no guarantee of data security, if your operating system can circumvent it by leaving copies of un-encrypted data lying around.
Unfortunately, Windows® has several inherent ways in which it can leak partial or complete copies of sensitive data around the strongest encryption. This tutorial discusses the features that must be included in a Windows® cryptosystem to plug these leaks, and system configuration issues affecting their effectiveness.
UPDATE: Cerberus Systems, Inc. has expanded this material and incorporated it into the Cerberus INFOSEC Tutorial, which is shipped as Windows Help files with their (also updated) cryptographic products, and posted in an HTML version on their web-site. I've replaced my original pages with links to their corresponding web-pages. Through their courtesy, I've posted here free downloads of the 16-bit and 32-bit compressed help-files for off-line viewing. Each file is about 58K. To use the search capability of the Windows 95 or Win32s version of Help you should also download the less-than-300-byte tutorial.cnt file.