Can you tell me is it possible for a driver to maintain a driver to driver or driver to use mode application communications that is encrypted in both directions ? Could a public/private key channel be created using only kernel mode driver ? Secondly can a WFP filter driver or NDIS filter driver communicate with a user mode application or with another kernel mode filter driver located somewhere else on the local subnet or local network ?
Yes. Starting witn Windows Vista, you can use CNG API to do encryption, signing and other cryptographic tasks. The advantage of the API is that it is the same for kernel and user code, so its kinda portable.
https://msdn.microsoft.com/en-us/librar ... 10(v=vs.85).aspx
WFP and NDIS drivers definitely can communicate with applications or other drivers. Probably the easiest way of doing this is to create a device object and communicate via IRPs.