Re: decrypting EFS with the help of an unencrypted file
From: Ben Livengood (ben.livengood_at_gmail.com)
Date: 07/28/05
- Next message: Fangguo: "Re: Elliptic curves over finite fields of characteristic 3"
- Previous message: Andrew Swallow: "Re: GELI - disk encryption for FreeBSD - review request."
- In reply to:(deleted message) Sebastian Gottschalk: "Re: decrypting EFS with the help of an unencrypted file"
- Next in thread: Gregory G Rose: "Re: decrypting EFS with the help of an unencrypted file"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 27 Jul 2005 19:46:51 -0700
> It is possible, but not reasonably.
Windows XP has built in EFS file recovery, so long as this was not
disabled it should be possible to use the administrator account to
recover the files. Even if that's not the case, the asymmetric keys are
eventually just encrypted with the user's password (and some machine
specific key, which is normally constructed just by booting the
computer), and so a dictionary attack could be mounted. I don't know
enough about EFS internals to do it, but I'm sure that it's less than a
10 million year job.
- Next message: Fangguo: "Re: Elliptic curves over finite fields of characteristic 3"
- Previous message: Andrew Swallow: "Re: GELI - disk encryption for FreeBSD - review request."
- In reply to:(deleted message) Sebastian Gottschalk: "Re: decrypting EFS with the help of an unencrypted file"
- Next in thread: Gregory G Rose: "Re: decrypting EFS with the help of an unencrypted file"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
