L
Leonard Grey
Did you encrypt with EFS and not backup the encryption key? If so, you
can kiss your encrypted files goodbye.
can kiss your encrypted files goodbye.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
S
Sivaswami Jeganathan
Hi
I have encrypted my folder's in an USB drive from one computer which
contained Windows XP as OS.
The computer has been formatted and returned and there is no way to get it
back.
Is there any way to decrypt the folders so that I can access the files in
another computer.
Looking for your help.
Thanks,
Sivaswami Jeganathan.
I have encrypted my folder's in an USB drive from one computer which
contained Windows XP as OS.
The computer has been formatted and returned and there is no way to get it
back.
Is there any way to decrypt the folders so that I can access the files in
another computer.
Looking for your help.
Thanks,
Sivaswami Jeganathan.
T
Twayne
Sivaswami said:Hi
I have encrypted my folder's in an USB drive from one computer which
contained Windows XP as OS.
The computer has been formatted and returned and there is no way to
get it back.
Is there any way to decrypt the folders so that I can access the
files in another computer.
Looking for your help.
Thanks,
Sivaswami Jeganathan.
Not unless you exported the keys from the XP machine and have them
available for use. Consider it a learning experience about how great
XP's protection is and how important exporting those keys is.
J
John Wunderlich
Hi
I have encrypted my folder's in an USB drive from one computer
which contained Windows XP as OS.
The computer has been formatted and returned and there is no way
to get it
back.
Is there any way to decrypt the folders so that I can access the
files in another computer.
Looking for your help.
Thanks,
Sivaswami Jeganathan.
As others have stated, your data is gone. Verify for yourself in
Microsoft's article:
"Best practices for the Encrypting File System"
<http://support.microsoft.com/kb/223316>
Skip down to the "Why you must back up your certificates" section.
I personally prefer a more portable security encryption scheme with the
freeware "Truecrypt"
<http://www.truecrypt.org>
Sorry,
John
T
Twayne
John said:As others have stated, your data is gone. Verify for yourself in
Microsoft's article:
"Best practices for the Encrypting File System"
<http://support.microsoft.com/kb/223316>
Skip down to the "Why you must back up your certificates" section.
I personally prefer a more portable security encryption scheme with
the freeware "Truecrypt"
<http://www.truecrypt.org>
Sorry,
John
In other words, one that isn't as secure. Nothing wrong with that
actually, for a home user.
J
John Wunderlich
In other words, one that isn't as secure. Nothing wrong with that
actually, for a home user.
It's not necessarily less secure. The encryption algorithms can be the
same as EFS. It's just that _you_ control the passphrase instead of
having Windows pick one for you and manage it _for you_ in a
certificate -- (and, in a lot of cases, screw things up for you by no
fault of your own) By far, the weakest link is the passphrase itself.
My Windows password (key to EFS) could be hacked a long time before my
container passphrase would be.
-- John
T
Twayne
John said:It's not necessarily less secure. The encryption algorithms can be
the same as EFS. It's just that _you_ control the passphrase instead
of having Windows pick one for you and manage it _for you_ in a
certificate -- (and, in a lot of cases, screw things up for you by no
fault of your own) By far, the weakest link is the passphrase itself.
My Windows password (key to EFS) could be hacked a long time before my
container passphrase would be.
-- John
I'd have to disagree with you on that one. But you're obviously
guessing on all that rather than knowing so there's nothing to debate
about how wrong you are.
J
John John - MVP
Twayne said:I'd have to disagree with you on that one. But you're obviously
guessing on all that rather than knowing so there's nothing to debate
about how wrong you are.
What do *you* know about any of it? Based on your reply it's obvious
you don't know much. One way or the other the only way to break
TrueCrypt or NTFS EFS is by cracking the password with brute force, they
are only as strong as the password, EFS is no more secure than
TrueCrypt. There is nothing to debate, indeed.
John
J
John Wunderlich
EFS is no more secure than TrueCrypt.
LOL... Probably correct, but I have to snicker in that Microsoft came
out with Windows XP 8 years ago and to this day I still have several
"Critical Security Patches" installed each week on my XP machine. So
which is really more secure -- Open-Source Truecrypt or Microsoft's
closed-source implementation of EFS?
Based on the number of people that have permanently lost their data,
I'd guess that Microsoft ended up getting the encryption part right
but failed with their user interface/education.
-- John
S
Sivaswami Jeganathan
I thought that Microsoft might have some solution for that.
so no way to break this encryption ? let me wait for 1 more week to delete
the files.
so no way to break this encryption ? let me wait for 1 more week to delete
the files.
J
Jim
There would not be much point to encrypting files if there was an easy waySivaswami Jeganathan said:I thought that Microsoft might have some solution for that.
so no way to break this encryption ? let me wait for 1 more week to delete
the files.
to get around the encryption.
Jim
J
John Wunderlich
I thought that Microsoft might have some solution for that.
so no way to break this encryption ? let me wait for 1 more week
to delete the files.
In simple terms, here is what happens when you create a EFS...
Windows picks a very big random number and makes that a "key" which,
from then on, encrypts and decrypts all data going into or out of an
EFS. Microsoft did not mess around here -- they are using industrial-
strength encryption algorithms. You can't just leave that key hanging
around, so it is combined with a few other bits of information and then
that package [certificate] is then itself encrypted to a combination of
your Secure ID (SID), your Windows Password, and probably a few other
things that Microsoft doesn't advertise. This encrypted "certificate"
is then stored with other certificates in the OS. Windows provides you
the means by which to back up your certificate, but unless you realize
its importance and actually back up the certificate, it is only a
matter of time before you lose your data.
If your system crashes, is stolen, or otherwise rendered inaccessible,
your certificate containing the key to access your EFS can no longer be
obtained nor decrypted to yield the precious EFS key that you need to
unlock your data. Your data can no longer be decrypted and is history.
For this reason, I prefer a solution like Truecrypt where I have
personal control of the encryption key and don't depend on any one
operating system to manage (or mis-manage) it for me.
-- John
M
Marty
As others have stated your data is history.
And again as others have stated the use of Truecrypt
is a better solution to encryption. With TrueCrypt
you create a Truecrypt volume of just about any size
you desire, pick the encryption method, and the password to
access the the volume. After the volume is created
you mount the volume with Truecrypt and then it looks
like any other windows volume.
I use Truecrypt exclusively for my sensitive data on
my home machine and my laptop when I travel. I use the
same volume on both machines and copy it to the laptop
when I travel and then back to the home machine when I
get back home.
You can email Truecrypt volumes with no data corruption.
Marty
And again as others have stated the use of Truecrypt
is a better solution to encryption. With TrueCrypt
you create a Truecrypt volume of just about any size
you desire, pick the encryption method, and the password to
access the the volume. After the volume is created
you mount the volume with Truecrypt and then it looks
like any other windows volume.
I use Truecrypt exclusively for my sensitive data on
my home machine and my laptop when I travel. I use the
same volume on both machines and copy it to the laptop
when I travel and then back to the home machine when I
get back home.
You can email Truecrypt volumes with no data corruption.
Marty