Method of protecting information on floppy disks from unauthorized copying.
When ensuring the safety of information resources of personal computers, much depends on the choice of methods for protecting information on floppy disks (diskettes) from unauthorized copying.
The authors of this article, in addition to the classic change in the structure of the floppy disk (binding to the time parameters of reading and writing, non-standard marking of tracks and changing the inter-sector distance), propose using methods of encoding information stored on a floppy disk in accordance with the algorithm of cryptographic transformation according to GOST 28147-89 in the gamma mode with feedback [1].
The cryptographic transformation algorithm is intended for hardware or software implementation, satisfies cryptographic requirements, and its capabilities do not impose restrictions on application. As a single cryptographic transformation algorithm for information processing systems, it defines the rules for data encryption and for generating imitation inserts (message authentication codes), and it is recommended for organizations, enterprises and institutions that use cryptographic protection of information stored and transmitted in computer networks, in individual computing complexes or on individual computers.
The gamma mode with feedback was chosen because it provides the greatest cryptographic strength of the system: because the information blocks are chained, a change in one bit of the input information stream changes the entire output stream, since the encoding of each information block depends on the encoding of the previous block.
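An added example, not code from the article or its authors: the chaining property of the feedback mode, shown on a 64-bit Feistel cipher that follows the round structure of GOST 28147-89. The substitution tables, key, synchro value and sample data are constructed assumptions, so the output does not match any real parameter set.

```python
import random
import struct

MASK32 = 0xFFFFFFFF
# Constructed substitution tables: eight permutations of 0..15 drawn from a
# seeded PRNG. They are placeholders, not a published GOST parameter set.
_rng = random.Random(28147)
SBOX = [_rng.sample(range(16), 16) for _ in range(8)]
KEY_ORDER = list(range(8)) * 3 + list(range(7, -1, -1))  # K0..K7 x3, then K7..K0

def _round(half, subkey):
    """Add subkey mod 2^32, substitute each nibble, rotate left by 11."""
    x = (half + subkey) & MASK32
    y = 0
    for i in range(8):
        y |= SBOX[i][(x >> (4 * i)) & 0xF] << (4 * i)
    return ((y << 11) | (y >> 21)) & MASK32

def encrypt_block(block, key):
    """32-round Feistel pass over one 8-byte block with a 32-byte key."""
    subkeys = struct.unpack("<8I", key)
    n1, n2 = struct.unpack("<2I", block)
    for idx in KEY_ORDER:
        n1, n2 = n2 ^ _round(n1, subkeys[idx]), n1
    return struct.pack("<2I", n2, n1)  # the last round does not swap halves

def cfb(data, key, iv, decrypt=False):
    """Gamma mode with feedback: each ciphertext block seeds the next gamma."""
    out, feedback = bytearray(), iv
    for i in range(0, len(data), 8):
        gamma = encrypt_block(feedback, key)
        chunk = data[i:i + 8]
        result = bytes(a ^ b for a, b in zip(chunk, gamma))
        out += result
        feedback = chunk if decrypt else result  # always the ciphertext block
    return bytes(out)

def changed_blocks(a, b):
    """Indices of the 8-byte blocks in which two equal-length streams differ."""
    return [i // 8 for i in range(0, len(a), 8) if a[i:i + 8] != b[i:i + 8]]

def flip_bit(data, byte_index):
    """Return a copy of data with the lowest bit of one byte inverted."""
    return data[:byte_index] + bytes([data[byte_index] ^ 1]) + data[byte_index + 1:]

# Constructed sample input: five 8-byte blocks, fixed key and synchro value.
KEY, IV = bytes(range(32)), bytes(8)
PLAIN = b"BLOCK-00BLOCK-01BLOCK-02BLOCK-03BLOCK-04"
CIPHER = cfb(PLAIN, KEY, IV)
```

With this data, flipping a bit in plaintext block 0 changes all five ciphertext blocks, flipping one in block 2 changes only blocks 2 to 4, and a one-bit error in ciphertext block 1 damages only plaintext blocks 1 and 2 after decoding.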
For a clearer understanding of the essence of the method of protecting information on floppy disks from copying, let us consider the differences between the standard structure of a floppy disk and the structure implemented in this method.
On a standard floppy disk after formatting, four main areas can be distinguished, namely: the boot area, the file allocation table area (FAT area), the root directory (directory area) and the data area. The boot sector is always the first sector on the floppy disk, and this is where information about how the floppy disk is organized is written. Due to this, the operating system allows you to work with a large set of differently organized floppy disks.
The purpose of some bytes of the boot sector, which describe the organization of the floppy disk, is given below:
bytes 11-12 — the number of bytes in a sector;
byte 13 — the number of sectors in a cluster;
bytes 14-15 — the number of reserved sectors;
byte 16 — the number of FAT copies;
bytes 17-18 — the number of entries in the root directory;
bytes 19-20 — the number of sectors on the disk;
byte 21 — the disk type code.
The next important area is the FAT, where the operating system assigns sectors to various files. Here, each sector has its own record containing information about whether the sector is occupied by a file or not, and if so, which one, and also information about damaged sectors.
The size of the file allocation table depends on the disk size: the higher its capacity, the larger the table should be to store information about all disk sectors. For greater reliability, there may be several such tables (usually there are two for a standard 3.5-inch floppy disk with a capacity of 1.44 MB).
The root directory stores information about files, directories, their creation time and date, sizes and other necessary data. Each directory entry is allocated 32 bytes, the purpose of which is given below:
bytes 1-8 — file name;
bytes 9-11 — name extension;
byte 12 — file attributes;
bytes 13-22 — reserved by the operating system;
bytes 23-24 — creation time;
bytes 25-26 — creation date;
bytes 27-28 — starting cluster;
bytes 29-32 — file size.
All the remaining disk space is the data area where information is stored.
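A parser for the two layouts listed above, as an added example that is not part of the original article. The function names and sample data are constructed; the 2880-sector and F0h values used to recognise a 1.44 MB disk, and the packed DOS time and date format, are standard values assumed here rather than stated in the text.

```python
import struct

def parse_boot_sector(sector):
    """Decode the boot-sector fields at byte offsets 11..21 (little-endian)."""
    names = ("bytes_per_sector", "sectors_per_cluster", "reserved_sectors",
             "fat_copies", "root_entries", "total_sectors", "disk_type")
    return dict(zip(names, struct.unpack_from("<HBHBHHB", sector, 11)))

def is_standard_1440k(bpb):
    """True if the fields match a standard 3.5-inch 1.44 MB floppy.

    2880 sectors and disk type F0h are assumed standard values.
    """
    return (bpb["bytes_per_sector"] == 512 and bpb["fat_copies"] == 2
            and bpb["total_sectors"] == 2880 and bpb["disk_type"] == 0xF0)

def parse_dir_entry(entry):
    """Decode one 32-byte directory entry (the list's byte 1 is offset 0)."""
    name, ext, attr, _reserved, time, date, cluster, size = struct.unpack(
        "<8s3sB10sHHHI", entry)
    return {
        "name": name.decode("ascii", "replace").rstrip(),
        "ext": ext.decode("ascii", "replace").rstrip(),
        "attributes": attr,
        # Packed DOS time: hours, minutes, seconds stored in 2-second units.
        "time": (time >> 11, (time >> 5) & 0x3F, (time & 0x1F) * 2),
        # Packed DOS date: years since 1980, month, day.
        "date": ((date >> 9) + 1980, (date >> 5) & 0x0F, date & 0x1F),
        "first_cluster": cluster,
        "size": size,
    }

# Constructed sample data (not taken from a real disk).
SAMPLE_BOOT = bytearray(512)
struct.pack_into("<HBHBHHB", SAMPLE_BOOT, 11, 512, 1, 1, 2, 224, 2880, 0xF0)
SAMPLE_ENTRY = struct.pack("<8s3sB10sHHHI", b"REPORT  ", b"TXT", 0x20,
                           bytes(10), 25541, 7887, 2, 1234)
# Constructed first sector that does not hold a standard boot record,
# standing in for a disk whose structure differs from the standard one.
OPAQUE_SECTOR = bytes((i * 37 + 11) % 256 for i in range(512))
```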
Using the method of protecting information on floppy disks from copying involves creating a floppy disk structure that is different from the standard one.
When formatting a floppy disk, the following areas are created: the system area and the data area. The system area contains the file size in bytes, its name and extension, the password with which the file was encrypted, and information about the order of the sectors and about damaged sectors. The system area and the data area are stored in encrypted form.
On standard floppy disks, DOS creates a file allocation table when writing files, which specifies the sequence of the sectors for each file. Using the classic method of changing the drive parameters prevents viewing the floppy disk with conventional tools that work with standard floppy disk formats, as a result of which such a floppy disk cannot be copied without special programs.
Using the DISK EXPLORER program, you can analyze the logical structure of a floppy disk and, having read each sector, make separate copies of the sectors located on the floppy disk after changing the drive parameters. But obtaining the full volume of information in this case is not possible, since the sequence of the sectors with data is unknown to the user, and determining the desired sequence will require trying many combinations. In addition, each sector is encoded in the feedback mode, and its decoding will depend on the decoding of the previous sector.
In order to change the operating mode of the floppy disk drive, it is necessary to modify the contents of certain RAM cells. At address 0000h:0078h there is a pointer to the data table that is used by the drive controller when working with a floppy disk, and changing these parameters will allow working with non-standard floppy disk formats.
This method uses formatting with parameters that differ for each sector. Two sectors are used to store system information (size, full file name, data on the order of sectors and bad sectors, the password with which the file was encrypted).
During formatting, the quality of writing and reading the sector is checked, since the permissible volume on the diskette may change due to the potential presence of damaged sectors. After that, the free volume on the disk is calculated and compared with the size of the file being written.
When restoring a file, the user is asked for a password, by means of which the system area is decoded and the password obtained during the decoding process is checked. If there is a mismatch, the work is terminated. In case of a positive result, new parameters are set for the drive, and the file written to the disk is decoded.
The main advantage of the developed method is the high cryptographic resistance of information recorded on a floppy disk, which is achieved through the use of a cryptographic transformation algorithm based on GOST 28147-89. The use of an additional mode for generating an imitation insert according to this GOST ensures protection of the information on the disk from changes and imitation.
Based on the described method, software was developed and debugged that implements its operation in practice, which includes programs for writing information to the disk and reading information from the disk.
Compared to existing standard programs for personal computers, the reading and writing time is reduced by 10%.
Literature
1. Information processing system. Cryptographic protection. Cryptographic transformation algorithm GOST 28147-89. USSR State Committee for Standards. M., 1989.
2. A. G. Konheim. Basics of cryptography. M.: Radio and Communications, 1987.