RE: Does W2K hold user's email, EFS etc private key securely ?

From: Fred.Langston@guardent.com
Date: 09/06/02

To: fp56@dial.pipex.com, focus-ms@securityfocus.com
Date: Thu, 5 Sep 2002 19:52:54 -0400 

Hi Phil,

Everything depends on whether you are implementing EFS via GPO or locally,
so more info is needed.

Big points to remember:

- LSASS handles EFS key management and uses the CryptoAPI; after LSASS
everything runs in kernel mode
- your FEK (public key) is stored in every encrypted file
- the keys are stored locally during an interactive session in what MS calls
certificate storage or protected storage, a secure hard disk area (at least
so far).
- Only the Cryptographic Provider modules running in kernel mode can access
private keys.
- Only the CertificateHash value is stored in the registry, not the keys
(HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\EFS\CurrentKeys\CertificateHash)
- smart card key storage is available in XP

Hope this helps.

Fred Langston, CISSP
  Principal Consultant
  W: 206.903.8147 x223 F: 206.903.1862 M: 425.765.3330
  Seattle, WA www.guardent.com
________________________________________
G U A R D E N T
  Enterprise Security and Privacy Programs

-----Original Message-----
From: Phil Pinder [mailto:fp56@dial.pipex.com]
Sent: Thursday, September 05, 2002 2:09 AM
To: focus-ms@securityfocus.com
Subject: Does W2K hold user's email, EFS etc private key securely ?

Hi all,

I'd be grateful if anyone can provide an answer to the following questions:

On Windows 2000 or .Net server, if a user/administrator creates
public/private keys for use in EFS, email encryption, etc., where is the
user's private key actually stored, and how is this location protected? Is
it secure?

Is the private key held in the registry, for example, and how is it itself
encrypted? Using the Windows password, I'm guessing, since you are never
prompted for a separate passphrase to protect this key.

If held on the workstation, how is it retrieved if you email from a
different workstation?

Many thanks

Phil Pinder
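As an added illustration of Fred's point that the registry holds only the CertificateHash (a thumbprint) and not the key itself, the following PowerShell snippet, not part of the original thread, reads that value, looks up the matching certificate in the user's Personal store, and reports whether the private key is actually available on this workstation (which also answers Phil's "different workstation" question: without the private key locally, the files cannot be decrypted there). It assumes Windows PowerShell 5.1 or later and a user profile that has already encrypted at least one file.

```powershell
# Added example (not from the thread): inspect the current user's EFS key state.
# Assumes Windows PowerShell 5.1+ on a machine where this user has used EFS.
$regPath = 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\EFS\CurrentKeys'

function Get-EfsCertificateHash {
    # Returns the SHA-1 thumbprint as upper-case hex, or $null if the user has
    # never encrypted a file under this profile.
    $item = Get-ItemProperty -Path $regPath -Name CertificateHash -ErrorAction SilentlyContinue
    if (-not $item) { return $null }
    # REG_BINARY arrives as byte[]; this is only a hash, never key material.
    return (($item.CertificateHash | ForEach-Object { $_.ToString('X2') }) -join '')
}

function Get-EfsKeyStatus {
    $thumb = Get-EfsCertificateHash
    if (-not $thumb) {
        return [pscustomobject]@{ Thumbprint = $null; Status = 'No EFS key recorded for this user' }
    }

    # The certificate (public half) sits in Cert:\CurrentUser\My; the private key is
    # held by the CSP/KSP in protected storage, so only HasPrivateKey is visible here.
    $cert = Get-ChildItem -Path Cert:\CurrentUser\My | Where-Object { $_.Thumbprint -eq $thumb }
    if (-not $cert) {
        return [pscustomobject]@{
            Thumbprint = $thumb
            Status     = 'Hash present but certificate missing (roamed profile or deleted key)'
        }
    }

    [pscustomobject]@{
        Thumbprint    = $thumb
        Subject       = $cert.Subject
        NotAfter      = $cert.NotAfter
        HasPrivateKey = $cert.HasPrivateKey   # $false: files cannot be decrypted on this machine
        Status        = if ($cert.HasPrivateKey) { 'Private key available locally' }
                        else { 'Private key NOT on this workstation' }
    }
}

Get-EfsKeyStatus | Format-List
```

`cipher.exe /y` prints the same thumbprint and is a convenient cross-check that the registry value and the certificate in the store agree.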


