What threats are EFS (Encrpypting File System) trying to protect?

  • Thread starter Thread starter wing
  • Start date Start date
W

wing

Hi all,

I am new in the cryptography.

I have came across EFS today and learnt that it is used to encrypted
files.

However, I am confused what threats that EFS is trying to protect the
files from?

In my xp box, if i stored all files in My Documents, should them be
protected form other users? if this is true, what is the point to use
EFS?

Moreover, is the public/private key pairs stored in the same box? if
yes, is it easily being cracked?

Please enlighten me.

Thanks for your ideas and suggestions in advance.

Wing
 
Wing;
EFS used properly makes your stolen data virtually inaccessible to the
thieves.
You export the keys and keep them elsewhere off the computer.

Used improperly (easy without full understanding) will cause permanent
loss of all encrypted data.

For most users, the other provided security measures are sufficient.

EFS is very good at what it does and there is no back door.
Read and understand these links before using EFS to keep from
permanently losing your data:
http://www.microsoft.com/windowsxp/pro/techinfo/administration/recovery/default.asp
(58 pages)
http://support.microsoft.com/?id=223316
 
wing said:
Hi all,

I am new in the cryptography.

I have came across EFS today and learnt that it is used to encrypted
files.

However, I am confused what threats that EFS is trying to protect the
files from?
Click to expand...
It is used to make certain that only those who are supposed to
be able to see what is in a file are able to do so.
In my xp box, if i stored all files in My Documents, should them be
protected form other users? if this is true, what is the point to use
EFS?
Click to expand...
NTFS filesystem permissions can be used to keep
well behaved users contained to viewing only what
has been granted to them. However, NTFS permissions
are fairly easily changed if someone that should not be
able to use the files gets determined and has access to
the machine.
Moreover, is the public/private key pairs stored in the same box? if
yes, is it easily being cracked?
Click to expand...
The public part of the key must be on the machine in order
for the EFS to be able to encrypt a file.
This does not allow the file to be decrypted, and if the
machine is stolen there is no way, short of a sizable run
on high-performance computers, that the file can me opened
in a decrypted state.
If the private key is stored on the machine, so that the user can
have transparent access to the encrypted file, it is stored in a
way that is rather difficult for unintended persons to get at or
use. For this, look up information on the DPAPI. The key is
itself encrypted in a way that makes it a secret of that unique
instance of the operating system and of the encrypting account
and its current password.
 
Back
Top