Re: Question, how do I decrypt data files without encryption key?

From: Harold Huggins (hrh@dslcomputer.com)
Date: 09/09/02 

From: "Harold Huggins" <hrh@dslcomputer.com>
Date: Sun, 8 Sep 2002 16:09:53 -0700

Torgeir,

Thanks for the resource information ...
Next time, I will avoid EFS

But, the EFS decrypy key must be located in a hidden file
some where on the file hard drive (e).

Because, how does the file know as to wheather or not if
it has the right decrypt key. If not on the O/S now
deleted drive (c)?

Harold

>-----Original Message-----
>Harold Huggins wrote:
>
>> My Windows 2000 O/S hard drive got infected with a
virus.
>> I mistakenly reformated the O/S drive without backing
up
>> the encryption key. My new o/s drive does not recognize
>> the encrypted data files located on old the hard drive.
>>
>> I attempted to decrypt as follows:
>>
>> To decrypt a file or folder
>> In Windows Explorer, right-click the
>> encrypted file or folder, and then click Properties.
>> On the General tab, click Advanced.
>> Clear the Encrypt contents to secure
data
>> check box.
>>
>> Question, how do I decrypt data files without encryption
>> key?
>
>Hi
>
>Sorry, you can't, that is the whole point with encryption.
>
>
>Here is my view on EFS:
>
>Do not to use encryption (EFS) unless you are in a domain
and you know what you
>are doing. Too much things can go wrong. You will most
likely sooner or later
>loose your data (for good). It is not without reason some
people calls EFS
>the "delayed Recycle Bin". Use NTFS permissions instead
to protect your data.
>
>The major problem with EFS is not having as proper backup
of the encryption
>keys, as well not having created a Recovery Agent (with
backup of the recovery
>agents keys). If you don't have this in place before you
start encrypting your
>files, and you need to reinstall you OS of some reason or
other, your files will
>
>not be recoverable. They will effectively be gone
forever. Read the links below,
>
>and understand what they say before you start using
encryption.
>
>
>But if you must, in this link:
>http://www.microsoft.com/WINDOWSXP/pro/techinfo/administra
tion/recovery/default.asp
>
>it is described how to create a data recovery agent
(DRA), and also gives
>information/links on to how to export keys, e.g.
>
>page 5 "Data Recovery on Standalone Machines"
>page 18 "Importing and Exporting Data Recovery Agent Keys"
>
>and page 49 "Knowledge Base Articles on EFS" you will
find e.g.
>
>Q241201 How to Back Up Your Encrypting File System
Private Key
>Q259732 EFS Recovery Agent Cannot Export Private Keys
>Q255742 Methods for Recovering Encrypted Data Files
>
>
>Reading Q255742, will give you this as well:
>
>Q241201 HOW TO: Back Up Your Encrypting File System
Private Key in Windows 2000
>Q242296 How to Restore an EFS Private Key for Encrypted
Data Recovery
>
>
>If your computer is not a member of an AD domain, this is
obligatory reading:
>
>page 34 "Using EFS with Standalone Machines or NT 4.0
Domains"
>
>--
>torgeir
>
>
>.
>

Relevant Pages

  • Re: decrypt my encrypted files
    ... If you use EFS, and since you are the admin of your own host, you are expected to read ALL the help articles in the included help regarding EFS. ... You then import that EFS certificate so the files that were encrypted using it can be decrypted using that same certificate. ... You can also designate another recovery agent to recreate the EFS cert for you, but you probably didn't do that, either. ... There is no backdoor to EFS if you don't have the cert to import or a recovery agent and there is no backdoor to TrueCrypt's password encryption. ...
    (microsoft.public.windowsxp.security_admin)
  • RE: Protecting sensitive files on a Windows file server
    ... especially secure (using the file encryption is better though). ... Protecting sensitive files on a Windows file server ... recovery (which can also break EFS) and online password/data recovery ...
    (Security-Basics)
  • Re: EFS Private Keys
    ... It's possible to have a cluster that was in use that couldn't be wiped. ... > syskey was to EFS in W2K, ... >>> the private keys are protected however the key to the private key is ... >>> stronger encryption available for EFSfiles permanently if you don't. ...
    (microsoft.public.win2000.security)
  • Re: EFS Private Keys
    ... > The user and recovery agent private EFS keys are stored in the associated ... > the private keys are protected however the key to the private key is the ... > stronger encryption available for EFS. ...
    (microsoft.public.win2000.security)
  • Re: decryption without a password key
    ... EFS relies on the account credentials. ... There are some alternate methods involving a designated recovery agent. ... If you did use XP EFS encryption but do not have the certificates and did ...
    (microsoft.public.windowsxp.help_and_support)