Is EFS secure?

Cluent

Since the encryption certificate is stored on the computer, all you have to do is connect the hard drive to another computer to get access to the certificate and decrypt all of the files. Not true?
 

Not true.
 

Why not? Any administrator can delete a normal user's password and gain entry.
 

Why not? Any administrator can delete a normal user's password and gain entry.

The encryption is based on the user's password, so if you reset a user's password he will not be able to decrypt his or her data.
 

There is no need to reset the password. If you attach the hard drive to another computer you can simply navigate to the encryption certificate. I haven't tried this.

Also, if you export the certificate you don't need the password. Are you sure the certificate is tied to the password?
 

It's secure, but obviously not as good as using an Enterprise Certificate Authority.
 

True. People at NSA will have no trouble cracking EFS.
 

True. People at NSA will have no trouble cracking EFS.
They would not be cracking EFS, they would crack the supporting systems. But cracking EFS would require a means of cracking AES. And if AES is cracked....well there are bigger problems then.

Btw for the original question:
Decrypting files using the local Administrator account

...

In Windows XP and later, there is no default local Data Recovery Agent and no requirement to have one. Setting SYSKEY to mode 2 or 3 (syskey typed in during bootup or stored on a floppy disk) will mitigate the risk of unauthorized decryption through the local Administrator account. This is because the local user's password hashes, stored in the SAM file, are encrypted with the Syskey, and the Syskey value is not available to an offline attacker who does not possess the Syskey passphrase/floppy.

...

Files encrypted with EFS can only be decrypted by using the RSA private key(s) matching the previously-used public key(s). The stored copy of the user's private key is ultimately protected by the user's logon password. Accessing encrypted files from outside Windows with other operating systems (Linux, for example, or even another instance of Windows) is not possible...Further, using special tools to reset the user's login password will render it impossible to decrypt the user's private key and thus useless for gaining access to the user's encrypted files.
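
The difference between a password change and a forced reset described in the quoted text above, as an added example that is not part of the original post and is not Windows' own code. It is a simplified model: the account record, the function names and the PBKDF2/HMAC-based wrap are assumptions standing in for the real protection of the user's private key.

```python
import hashlib, hmac, os

# Constructed model: PBKDF2 plus an HMAC-based wrap stand in for Windows' real key protection.
def derive(password, salt):
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=64)
    return dk[:32], dk[32:]          # (encryption key, MAC key)

def keystream(key, nonce, n):
    return b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                    for i in range((n + 31) // 32))[:n]

def wrap(password, secret):
    salt, nonce = os.urandom(16), os.urandom(16)
    ek, mk = derive(password, salt)
    ct = bytes(a ^ b for a, b in zip(secret, keystream(ek, nonce, len(secret))))
    return salt + nonce + ct + hmac.new(mk, salt + nonce + ct, hashlib.sha256).digest()

def unwrap(password, blob):
    """Return the secret, or None when the password does not match the blob."""
    salt, nonce, ct, tag = blob[:16], blob[16:32], blob[32:-32], blob[-32:]
    ek, mk = derive(password, salt)
    expected = hmac.new(mk, salt + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, keystream(ek, nonce, len(ct))))

def logon_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def new_account(password, private_key):
    """Hypothetical account record: logon verifier plus the wrapped private key."""
    salt = os.urandom(16)
    return {"salt": salt, "logon": logon_hash(password, salt),
            "wrapped_key": wrap(password, private_key)}

def can_log_on(acct, password):
    return hmac.compare_digest(acct["logon"], logon_hash(password, acct["salt"]))

def change_password(acct, old, new):
    """User-initiated change: the old password unwraps the key, the new one re-wraps it."""
    key = unwrap(old, acct["wrapped_key"])
    if key is None:
        return False
    acct["logon"], acct["wrapped_key"] = logon_hash(new, acct["salt"]), wrap(new, key)
    return True

def admin_reset(acct, new):
    """Forced reset: only the logon record changes; the wrapped key is left as it was."""
    acct["logon"] = logon_hash(new, acct["salt"])
```

After `admin_reset`, the new password logs on but `unwrap` with it returns `None`; only the password that last wrapped the key still recovers it.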
 

But cracking EFS would require a means of cracking AES.

Only with extremely strong passwords, assuming EFS has no inherent flaws which is probably not the case.

What you've just quoted is basically everything I wrapped up in a nutshell.
 

Only with extremely strong passwords, assuming EFS has no inherent flaws which is probably not the case.
Not really, the plain form of the user's password is not used as the means for creating the public key to decrypt the private key. However, complicated (extremely is overkill) passwords are encouraged, brute force is still an option so having "cat" as the password is greatly discouraged.

There have been several ways to try and get around EFS, but none of them directly attack EFS or have been made obsolete with new versions of Windows.

What you've just quoted is basically everything I wrapped up in a nutshell.
Aye, for clarification for the OP.
 

You contradicted yourself.
Not really ... brute force is still an option

Besides, I can encrypt a file with EFS right now, then reset the user's password and I'm still able to decrypt the file from another account using EFS recovery tools (I only need to know the user's previous password).
 

You contradicted yourself.
You misunderstood me. Having an "extremely" strong password is not required. A complicated password sure, but it does not need to be extreme.

Exchange of information is not one of my strong suits, I expect misunderstanding.
 

Complicated is a subjective term. Many "complicated" passwords can be cracked easily by the NSA.
 

I'm sure they could since I'm pretty sure they have several supercomputers at their disposal.
 

Many people even speculate that the NSA has backdoors into Windows which I thought is funny but I don't really believe it.
 

Btw for the original question:
Decrypting files using the local Administrator account

...

In Windows XP and later, there is no default local Data Recovery Agent and no requirement to have one. Setting SYSKEY to mode 2 or 3 (syskey typed in during bootup or stored on a floppy disk) will mitigate the risk of unauthorized decryption through the local Administrator account. This is because the local user's password hashes, stored in the SAM file, are encrypted with the Syskey, and the Syskey value is not available to an offline attacker who does not possess the Syskey passphrase/floppy.

...

Files encrypted with EFS can only be decrypted by using the RSA private key(s) matching the previously-used public key(s). The stored copy of the user's private key is ultimately protected by the user's logon password. Accessing encrypted files from outside Windows with other operating systems (Linux, for example, or even another instance of Windows) is not possible...Further, using special tools to reset the user's login password will render it impossible to decrypt the user's private key and thus useless for gaining access to the user's encrypted files.

That's great. Do you have a link to the original text? I would like to also find out more about "SYSKEY" and how it's implemented.
 

It sounds like they've addressed some if not all of the weaknesses. Is there a reliable resource out there that explains how to implement EFS (for home not corporate use) in such a way as to minimize the weaknesses without making it too inconvenient?

Or would it be better to just set up an encrypted archive with something like Truecrypt?
 

I'm sure EFS is fine for any home use. You also have to weigh the fact that whatever you have to encrypt at home is likely not worth the time it would take someone to crack it.

Just make sure you back up your key so you don't lose it all.
 
