Re: How to get my encrypted files back.

From: David Klotz (dklotz@cognitor.com)
Date: 01/21/02


From: "David Klotz" <dklotz@cognitor.com>
To: <focus-ms@securityfocus.com>
Date: Mon, 21 Jan 2002 13:31:19 -0600

Well there is one significant difference: if you (Buba) have any unencrypted
versions of the files and the the corresponding encrypted versions, then you
might be able to launch a known plaintext attack. Unfotunately, this is
probably not going to be a big help. A little research indicated that MS
is using triple-DES to encrypt files in EFS. I'm not an expert
cryptographer by any strecth, but even with a known plaintext attack I
believe 3DES is close to practically unbreakable. Unless you've got a staff
of expert cryptanalysts and a whole lot of computing power you're probably
not goign to be able to decrypt these files.

Basically you have two options here: use a backup copy of your encryption
key, or convince the NSA that decrypting these files is a matter of national
security. If you have no backup, I'd start coming up with a pretty good
story to feed the spooks...

This does a pretty good job of explaining the situation:

http://www.8wire.com/articles/?AID=2594

-DK

----- Original Message -----
From: <adept@hektik.com>
To: <focus-ms@securityfocus.com>
Sent: Monday, January 21, 2002 10:39 AM
Subject: RE: How to get my encrypted files back.

> If you are able to retrieve these I'll be disappointed... You are in the
> same situation as an unauthorized person who has stolen encrypted files it
> sounds like.
>
> -----Original Message-----
> From: Buba - [mailto:bresso_k@hotmail.com]
> Sent: Saturday, January 19, 2002 9:03 AM
> To: focus-ms@securityfocus.com
> Subject: How to get my encrypted files back.
>
>
>
>
> A few weeks ago I wanted to encrypt my files. I found
> the option under file->properties->advanced-
> >'Encrypt contents to secure data', so I selected the
> files and execute this operation.
>
> But then my WinXP(prof.) crashed and I had to
> reinstall (format.., install) WinXP.
> After the installation when I opened one of my
> encrypted files, I got messages: "Don't have
> premission to open the file", etc.
>
> I searched the web and found some options:
> - That you can import a certificate in MMC, but I don't
> have it anymore.
> - That you can ask for a 'new certificate' in MMC, if
> you have a connection with the 'Active Directory'. I
> haven't one.
> - That you can make a 'Recovery Agent' in MMC (or a
> subprogram of it). But there I have to select a *.CER-
> file, which I haven't.
>
> Is it in any way possible to decrypt my (important)
> files
>
> Things I have thought of are downloading a *.CER-file
> from the internet and use it in #1 or #3 (see above)
> OR connect to the 'Active Directory' (see #2) in a
> way.
>
> Please help me because it is very important
> information that I encrypted.
> Thanks in advance.
>
>



Relevant Pages

  • Re: Cant decrypt w/admin acct
    ... >>First off you need to rule out a permissions problem. ... >>Run mmc and select the certificate snapin for user and go ... >>used to decrypt the files. ... The certificate is a "key pair" in that the certificate is used to encrypt the files ...
    (microsoft.public.win2000.security)
  • RE: Plz help me
    ... When you want to encrypt a message you have to encrypt using the ... your public key (from YOUR certificate) to verify your signature. ... but when i m trying to decrypt and verify that Message using receiver's ...
    (microsoft.public.platformsdk.security)
  • Re: Encryption Problem
    ... the private key associated to that public key to decrypt that message. ... private key associated to the public key you are using to encrypt on the ... > certificate present in the certificate store. ...
    (microsoft.public.dotnet.framework.webservices.enhancements)
  • RE: NTE_BAD_DATA
    ... They are NOT used DIRECTLY to encrypt / decrypt data; ... you should generate a RANDOM SESSION KEY and select a SYMMETRIC ENCRYPTION ... // imported from a BLOB read in from the source file or having ...
    (microsoft.public.platformsdk.security)
  • Re: Back Doors
    ... >> Design into the system a master key. ... Encrypt that with public key. ... Decrypt random symmetric key with private key. ...
    (sci.crypt)