Understanding Windows Architecture – My Way

Path Every Engineer Should Know!


I have been a great follower of world-renowned driver developers and system programmers. These include Doron, Peter, Tony, Landy (Distinguished Engineer), Mark, David; the list goes on. Understanding the system architecture enables engineers to develop and debug operating system components in a precise manner.


Many have asked in the forums what the path to learning driver development is, and I feel every engineer should know:

  • Basic / intermediate level of Assembly Language
  • Strong C programming language
  • Intel Architecture would be an advantage


With the above criteria, one can start learning driver development. Remember that there are absolutely no shortcuts to learning this, and strictly speaking it is only for people who have a strong passion for operating systems. You cannot expect to copy and paste the code available on the internet. You have to struggle hard to understand the system internals, then digest the Windows DDK as much as possible: http://www.microsoft.com/whdc/devtools/WDK/default.mspx. The above-mentioned experts have been in the business for 15 years and counting, and they feel there are still many components of the operating system to understand. One should learn how to debug the code one has written, and you will start appreciating the C programming language. I would say WDF is making programmers' lives easy, but if you are a legacy developer you may not really appreciate it, because the internal implementation is hidden, which makes life difficult when a programmer starts debugging it.


There are many options for learning driver programming. Keeping the above as prerequisites, you can follow the path below:

  • Complete the reading of Windows Internals 5th edition
  • OSR seminars are the best way to do hands-on labs. OSR has world-renowned engineers; you cannot ask for better than this!
  • If you cannot afford them, I would suggest a few of the best books:

1.    Walter Oney “Microsoft Windows Driver Model”
2.    Art Baker “The Windows 2000 Device Driver Book”
3.    Peter Viscarola “Windows NT Device Driver Development”
4.    Rajeev Nagar and Peter “NT File System Drivers”
5.    Jeffrey Richter “Programming Applications for Microsoft Windows”


By now you have understood the effort required to become a driver developer. Remember that you still need to become a good assembly programmer, which you should keep as a side task; this makes your debugging easy. My next posts will kick off the basics of system architecture. I will make sure I cover as much as possible of what would be helpful for new aspirants learning driver development or Windows architecture.








Data Encryption And PKI Basics



One of the complex subjects for every system engineer or application developer is data security and integrating security algorithms to encrypt data. There are different terms to be understood in encryption. Encryption and decryption of data is not tied to a particular operating system or application. My article will cover the basics of encryption mechanisms and dive into the Microsoft Certificate Authority implementation.


I would like to explain this in simple terms that engineers can understand. Data encryption is a method of protecting data from attacks; this protection is achieved with a combination of algorithms and keys.


At the very least you need an algorithm and a key to protect or encrypt the data. Applications should take advantage of the available algorithms and the use of keys to protect their data. There are 2 different types of algorithms:

  • Symmetric Algorithm
  • Asymmetric Algorithm


Both of the above algorithm types implement different techniques to protect / encrypt the data, which we will discuss in later sections of the article.




Terms: Understanding the terms is important, so I have outlined a few of them below. I will go into depth on them later, but this helps engineers understand the engineering behind the encryption and decryption process.


Cryptography: A process of hiding data by converting it from one form to another. The plain text data is converted into an unreadable form and then decrypted back to the readable form using algorithms and keys.



Keys: These are one of the building blocks of encryption, and it is important to understand them. A key is simply an integer number. Keys are used to encrypt or decrypt the data. Keys are generated using either an algorithm or a random number generator. A key should always be long, which makes it difficult for an attacker to attack it using a brute-force mechanism. An attacker who obtains the key can easily read the data being sent from source to destination.



Private Key: A key which cannot be published to different users.



Public Key: A key which can be published to one or more users.



Symmetric Algorithm: This uses one single key for both encryption and decryption.



Asymmetric Algorithm: This algorithm has one public key and one private key. One important consideration is that the public key can be distributed but the private key cannot. This distribution can be done through the AD digital certificates method.



Hash Algorithm: This one is tricky because it accepts one input and produces 2 mathematical output, which is referred to as the hash value.






Algorithm Types:


Symmetric Algorithms: DES, Triple DES, AES, RC4 and RC2. I have covered the major algorithms in use.



Asymmetric Algorithms: Diffie Hellman, DSA and RSA.



Hash Algorithms: MD5 and SHA1.
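
To make the link between public keys, hashes and certificates concrete, here is an added example (not code from the original article) in which a CA signs the hash of a subject name plus its public key, and anyone holding the CA public key can check the result. It assumes textbook RSA with toy-sized constructed primes and no padding, a hypothetical subject name, and SHA-256 as the hash; real certificates use X.509 with padded signatures and much longer keys.

```python
import hashlib
import secrets

E = 65537  # widely used RSA public exponent

def make_keypair(p, q):
    """Textbook RSA from two primes: returns (public, private) as (n, exponent)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))  # private exponent d = E^-1 mod phi

def digest_int(data, n):
    """Hash step: SHA-256 of data as an integer reduced into the key's range."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def to_be_signed(subject, subject_pub):
    """What the CA vouches for: a name bound to that subject's public key."""
    return f"{subject}|{subject_pub[0]:x}|{subject_pub[1]:x}".encode()

def issue_cert(ca_priv, subject, subject_pub):
    n, d = ca_priv  # only the CA holds d
    sig = pow(digest_int(to_be_signed(subject, subject_pub), n), d, n)
    return {"subject": subject, "public_key": subject_pub, "signature": sig}

def verify_cert(ca_pub, cert):
    n, e = ca_pub  # anyone may hold the CA public key
    expected = digest_int(to_be_signed(cert["subject"], cert["public_key"]), n)
    return pow(cert["signature"], e, n) == expected

# Constructed toy keys from small Mersenne primes; far too short for real use.
CA_PUB, CA_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
SRV_PUB, SRV_PRIV = make_keypair(2**107 - 1, 2**127 - 1)
CERT = issue_cert(CA_PRIV, "fileserver.example.test", SRV_PUB)

def demo():
    genuine = verify_cert(CA_PUB, CERT)
    # Same certificate with a different public key swapped in: signature no longer matches.
    other_pub, _ = make_keypair(2**61 - 1, 2**127 - 1)
    substituted = verify_cert(CA_PUB, dict(CERT, public_key=other_pub))
    # Wrap a random 128-bit symmetric key with the certified public key.
    sym_key = int.from_bytes(secrets.token_bytes(16), "big")
    n, e = CERT["public_key"]
    wrapped = pow(sym_key, e, n)
    unwrapped = pow(wrapped, SRV_PRIV[1], n)  # needs the server's private exponent
    return genuine, substituted, unwrapped == sym_key

if __name__ == "__main__":
    print(demo())
```

The private exponents never leave their owners: the CA signs with its own, and only the server can unwrap the symmetric key sent to it.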





In this article we have understood the very basics of PKI infrastructure. We will continue further and explore more on the process and on designing the PKI.




