Re: How good is W2K encryption
From: Drew Cooper [MSFT] (dcoop_at_online.microsoft.com)
Date: 05/20/04
- Next message: Drew Cooper [MSFT]: "Re: "RunAs" utility"
- Previous message: Drew Cooper [MSFT]: "Re: MS Certificate Services error"
- In reply to: Vladimir Katalov: "Re: How good is W2K encryption"
- Next in thread: Peter Kaufman: "Re: How good is W2K encryption"
- Reply: Peter Kaufman: "Re: How good is W2K encryption"
- Reply: Vladimir Katalov: "Re: How good is W2K encryption"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 19 May 2004 18:53:27 -0700
Having an encryption key (certificate) doesn't mean you also have the
decryption key (private key - not in the certificate).
In a domain, not running as local system, EFS is pretty good - only knowing
the user's password or brute-forcing the crypto gains access to a file's
contents.
XP SP1 and later use AES as their symmetric algorithm by default. And XP
has a fix for the Win2k non-domain loophole.
-- Drew Cooper [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights. "Vladimir Katalov" <vkatalov@elcomsoft.com> wrote in message news:2h12ilF7nebeU1@uni-berlin.de... > "Peter Kaufman" <no@email.com> wrote in message > news:an9ma0hrjdhb1i513qvg7ua3m6mjpg5a6f@4ax.com... > > Assuming one could get a copy of a file or folder, how difficult would > > it be to break the encryption? Are there commercial services that can > > do that? (My M.D. wants to know!) > > > > Is there any difference between W2K and XP encryption? > > So you mean EFS (Encrypting File System)? Under W2K, it is not very reliable > - if you have certificates (encryption keys), the files can be decrypted > even without > knowledge of password. Under XP, it is much better, but still can be broken > if > password is known. Have a look at "Advanced EFS Data Recovery": > > http://www.elcomsoft.com/aefsdr.html > > Some technical details (presentation on BlackHat security conference): > > http://www.blackhat.com/presentations/bh-europe-03/bh-europe-03-malyshev.pdf > > -- > Sincerely yours, > Vladimir > > Vladimir Katalov > Managing Director > ElcomSoft Co.Ltd. > Member of Association of Shareware Professionals (ASP) > Member of Russian Cryptology Association > mailto:vkatalov@elcomsoft.com > http://www.elcomsoft.com >
- Next message: Drew Cooper [MSFT]: "Re: "RunAs" utility"
- Previous message: Drew Cooper [MSFT]: "Re: MS Certificate Services error"
- In reply to: Vladimir Katalov: "Re: How good is W2K encryption"
- Next in thread: Peter Kaufman: "Re: How good is W2K encryption"
- Reply: Peter Kaufman: "Re: How good is W2K encryption"
- Reply: Vladimir Katalov: "Re: How good is W2K encryption"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
