Re: ENCRYPTED DATA RECOVERY

From: XDA974 (XDA974_at_discussions.microsoft.com)
Date: 06/15/04 

Date: Mon, 14 Jun 2004 20:45:01 -0700

I guess this has become a VERY PAINFUL EXPERIENCE for me now. 20/20 hindsight I should have decrypted those folders or if I had known to have had a Recovery Agent beforehand I wold not be in this mess.
Man this really sucks! Let me ask you, is it futile to keep these files around in the hope that maybe something will come along that will be able to do some kind of reverse engineering? 

-- 
ENAS
"Carey Frisch  [MVP]" wrote:
> Before you encrypt anything important, you should back up your
> personal encryption certificate (with its associated private key)
> and the recovery agent certificate to a floppy disk and store it in
> a secure location. If you ever lose your original certificate
> (because of a hard disk failure, for example), you can restore
> the backup copy and regain access to your files. If you lose all
> copies of your certificate (and no recovery agent certificates exist),
> you won't be able to use your encrypted files. No back door exists,
> nor is there any practical way to hack these files.
> (If there were, it wouldn't be very good encryption.)
> 
> HOW TO: Remove File Encryption in Windows XP
> http://support.microsoft.com/default.aspx?scid=kb;EN-US;308993
> 
> Without a backup of the original Encryption Certificate Key, encrypted files
> are unrecoverable as they will stay encrypted forever.  There is no recovery
> method since the encryption algorithm is now completely different with a
> reinstall of Windows XP.
> 
> See if the following articles help in any way:
> 
> HOW TO: Take Ownership of a File or Folder in Windows XP
> http://support.microsoft.com/default.aspx?scid=kb;en-us;308421
> 
> Methods for Recovering Encrypted Data Files
> http://support.microsoft.com/default.aspx?scid=kb;EN-US;255742
> 
> Best Practices for the Encrypting File System
> http://support.microsoft.com/default.aspx?scid=kb;en-us;223316
> 
> Encrypting File System in Windows XP
> http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/cryptfs.mspx
> 
> EFS Files Appear Corrupted When You Open Them
> http://support.microsoft.com/default.aspx?scid=kb;en-us;329741
> 
> -- 
> Carey Frisch
> Microsoft MVP
> Windows XP - Shell/User
> 
> Be Smart!  Protect your PC!
> http://www.microsoft.com/security/protect/
> 
> ------------------------------------------------------------------------------------------------
> 
> "XDA974" <XDA974@discussions.microsoft.com> wrote in message:
>  news:3D6FA4C3-FC26-42AA-BEB9-FE5A2BBD4CC2@microsoft.com...
> 
> |I have a somewhat complicated situation so please bear with me as I explain this problem. I am working with 
> XP Pro and have 2 HDDs, a 40gig & a 160giger. In the 160 giger I have data etc where some of it was encrypted. 
> I had made the decision to do a clean install of XP on the 40giger since I just got the XPSP2 RC1 with RC2 
> forthcoming. Disconnected the 160giger and proceeded from there.
> | After installing XP when I attempted to open up those files, the message I got was  ACCESS DENIED! I was 
> completely baffled. So now I have come into the realm of that thing called Certificates and when I do a 
> DETAILS view on a particular file it shows my old user name and a Thumb Certitificate. Reading up more I find 
> out I should attempt to install a Recovery Agent [sounds like the Matrix here now] to decrypt my files.
> | However I am getting mixed messages and since I am no expert in this stuff, I am having this grave feeling 
> that since the old XP install is no longer around the certificate[s] that were stored in THAT registry are no 
> longer available to open up my files.
> | Is this about right or do I have it all wrong and maybe I can breathe easy and recover my data? HELP!
> | If so, PLEASE provide me with a step-by-step solution since some of these files I have read assume you know 
> everything about security and certificates!
> | -- 
> | ENAS 
> 
>

Relevant Pages

  • Re: SQL-Server startet nicht ...
    ... Because connection encryption is required, ... You should verify that the certificate is ... Check the SQL Server error log and the Windows event logs for information ...
    (microsoft.public.de.sqlserver)
  • Re: EFS, certificates etc
    ... created a certificate ... >for the Admin account, which I have designated as the ... >data recovery agent cannot. ... >>> encryption. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Can no longer encrypt files
    ... It is saying the certificate for the "Recovery Agent" is invalid, ... > the actual account doing the Encryption. ... > Win2k, the designated recovery agent was the default "Domain Admin", WinXP ... This was working fine until the account password expired and was ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Decrypt windows files
    ... Iam using Windows XP joined to a Windows 2000 Domain, I encrypted the files using my domain user account so I need a help in decrypting my files. ... Since you forget to back up your certificate, unless you set a recovery agent you are most probably out of luck. ... There is no backdoor to encryption. ...
    (microsoft.public.security)
  • Key Recovery and Decryption
    ... I had the encryption key backed up on ... and designating a Data Recovery Agent. ... to install the Administrator's Data Recovery Certificate ... corresponding private key but if I try to export this ...
    (microsoft.public.windowsxp.security_admin)