Re: How good is W2K encryption

From: Drew Cooper [MSFT] (dcoop_at_online.microsoft.com)
Date: 05/20/04 

Date: Wed, 19 May 2004 18:53:27 -0700

Having an encryption key (certificate) doesn't mean you also have the
decryption key (private key - not in the certificate).

In a domain, not running as local system, EFS is pretty good - only knowing
the user's password or brute-forcing the crypto gains access to a file's
contents.

XP SP1 and later use AES as their symmetric algorithm by default. And XP
has a fix for the Win2k non-domain loophole. 

-- 
Drew Cooper [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights.
"Vladimir Katalov" <vkatalov@elcomsoft.com> wrote in message
news:2h12ilF7nebeU1@uni-berlin.de...
> "Peter Kaufman" <no@email.com> wrote in message
> news:an9ma0hrjdhb1i513qvg7ua3m6mjpg5a6f@4ax.com...
> > Assuming one could get a copy of a file or folder, how difficult would
> > it be to break the encryption? Are there commercial services that can
> > do that?  (My M.D. wants to know!)
> >
> > Is there any difference between W2K and XP encryption?
>
> So you mean EFS (Encrypting File System)? Under W2K, it is not very
reliable
> - if you have certificates (encryption keys), the files can be decrypted
> even without
> knowledge of password. Under XP, it is much better, but still can be
broken
> if
> password is known. Have a look at "Advanced EFS Data Recovery":
>
> http://www.elcomsoft.com/aefsdr.html
>
> Some technical details (presentation on BlackHat security conference):
>
>
http://www.blackhat.com/presentations/bh-europe-03/bh-europe-03-malyshev.pdf
>
> -- 
> Sincerely yours,
>   Vladimir
>
> Vladimir Katalov
> Managing Director
> ElcomSoft Co.Ltd.
> Member of Association of Shareware Professionals (ASP)
> Member of Russian Cryptology Association
> mailto:vkatalov@elcomsoft.com
> http://www.elcomsoft.com
>

Relevant Pages

  • Re: encrypted folders & files
    ... The thumbprint on the certificate I have backed up on ... >> I DID back up my encryption key, have restored it, made ...
    (microsoft.public.windowsxp.security_admin)
  • Re: mod_auth_kerb: gss_accept_sec_context() failed
    ... The "Decrypt integrity check failed" error means that the GSS service ... encryption key, key version number or encryption type was not exactly ... the same as that used to encrypt the service ticket. ...
    (comp.protocols.kerberos)
  • Re: if I encrypt key data why do I want or need SSL?
    ... If an attacker compromises your system somehow and gets your strong named ... he can simply decompile it. ... using asymetric encryption, you are rebuilding https... ... The encryption key itself - are you using one for all the encryption stuff? ...
    (microsoft.public.dotnet.security)
  • Re: My encrypt/decrypt algorithm...
    ... the only issue for the algorithmus actual strength. ... I'm not someone who woke up one morning, seen an encryption special on ... fact that the encryption key,, is random, ... amount of time needed to decrypt it would span generations. ...
    (sci.crypt)
  • Re: alt.computer.security
    ... decryption key for the file to become accessible. ... I'm addressing password/keyfile encryption file protection for work ... I'm considering the encryption key as ... The keyfile will *not* be kept on the same computer that it was used ...
    (microsoft.public.security)