CryptProtectMemory Internals



Hey.

I've looked all around and couldn't find the answers, so if this was
already posted somewhere - I apologize.

I've read that CryptProtectData encrypts data using a key derived from
the user's credentials.
I assume CryptProtectMemory works pretty much the same.
Therefore, the encryption's strength is derived from the user's
password's strength.

How does this work for the Local System account?
Say a service that runs with the Local System account uses
CryptProtectMemory - how strong is the encryption? How strong is Local
System's password (if there is such a thing)?

And in a more general approach: Is it publicly known how
CryptProtectData/CryptProtectMemory actually work? What does "derived
from credentials" mean in practice?

Thanks,
Ran.
