Re: How to get my encrypted files back.
From: David Klotz (dklotz@cognitor.com)Date: 01/21/02
- Previous message: Thor@HammerofGod.com: "RE: Disabling Terminal Service access by default"
- In reply to: adept@hektik.com: "RE: How to get my encrypted files back."
- Next in thread: Eli Allen: "RE: How to get my encrypted files back."
- Next in thread: Eoghan Casey: "Re: How to get my encrypted files back."
- Reply: Eli Allen: "RE: How to get my encrypted files back."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "David Klotz" <dklotz@cognitor.com> To: <focus-ms@securityfocus.com> Date: Mon, 21 Jan 2002 13:31:19 -0600
Well there is one significant difference: if you (Buba) have any unencrypted
versions of the files and the the corresponding encrypted versions, then you
might be able to launch a known plaintext attack. Unfotunately, this is
probably not going to be a big help. A little research indicated that MS
is using triple-DES to encrypt files in EFS. I'm not an expert
cryptographer by any strecth, but even with a known plaintext attack I
believe 3DES is close to practically unbreakable. Unless you've got a staff
of expert cryptanalysts and a whole lot of computing power you're probably
not goign to be able to decrypt these files.
Basically you have two options here: use a backup copy of your encryption
key, or convince the NSA that decrypting these files is a matter of national
security. If you have no backup, I'd start coming up with a pretty good
story to feed the spooks...
This does a pretty good job of explaining the situation:
http://www.8wire.com/articles/?AID=2594
-DK
----- Original Message -----
From: <adept@hektik.com>
To: <focus-ms@securityfocus.com>
Sent: Monday, January 21, 2002 10:39 AM
Subject: RE: How to get my encrypted files back.
> If you are able to retrieve these I'll be disappointed... You are in the
> same situation as an unauthorized person who has stolen encrypted files it
> sounds like.
>
> -----Original Message-----
> From: Buba - [mailto:bresso_k@hotmail.com]
> Sent: Saturday, January 19, 2002 9:03 AM
> To: focus-ms@securityfocus.com
> Subject: How to get my encrypted files back.
>
>
>
>
> A few weeks ago I wanted to encrypt my files. I found
> the option under file->properties->advanced-
> >'Encrypt contents to secure data', so I selected the
> files and execute this operation.
>
> But then my WinXP(prof.) crashed and I had to
> reinstall (format.., install) WinXP.
> After the installation when I opened one of my
> encrypted files, I got messages: "Don't have
> premission to open the file", etc.
>
> I searched the web and found some options:
> - That you can import a certificate in MMC, but I don't
> have it anymore.
> - That you can ask for a 'new certificate' in MMC, if
> you have a connection with the 'Active Directory'. I
> haven't one.
> - That you can make a 'Recovery Agent' in MMC (or a
> subprogram of it). But there I have to select a *.CER-
> file, which I haven't.
>
> Is it in any way possible to decrypt my (important)
> files
>
> Things I have thought of are downloading a *.CER-file
> from the internet and use it in #1 or #3 (see above)
> OR connect to the 'Active Directory' (see #2) in a
> way.
>
> Please help me because it is very important
> information that I encrypted.
> Thanks in advance.
>
>
- Previous message: Thor@HammerofGod.com: "RE: Disabling Terminal Service access by default"
- In reply to: adept@hektik.com: "RE: How to get my encrypted files back."
- Next in thread: Eli Allen: "RE: How to get my encrypted files back."
- Next in thread: Eoghan Casey: "Re: How to get my encrypted files back."
- Reply: Eli Allen: "RE: How to get my encrypted files back."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
