EFS actually works with two encryption operations at once:

First, the file is encrypted with a dynamically-generated bulk encryption
key.
Second, the bulk key is encrypted with the public key of the user, as well
as the key of a designated recovery agent (usually an administrator).

Once information is encrypted with the public key of a user, the only way to
get to that information is with the corresponding private key of that user
or that of the recovery agent. Without that user's private key, the bulk key
(and therefore the encrypted file) is effectively lost. The OS can't decrypt
it without the private key, either, which is the power and risk of public
key encryption.

There's an excellent overview of this on MS TechNet.

scotty
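The two layers described above, as an added example that is not part of the original message and not EFS's own code or file format. AES-256-GCM and RSA-OAEP are stand-ins chosen for illustration, and the names `Seal`, `Open` and `NewKey` are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

func must[T any](v T, err error) T { // abort on setup errors; keeps the example short
	if err != nil {
		panic(err)
	}
	return v
}
func NewKey() *rsa.PrivateKey      { return must(rsa.GenerateKey(rand.Reader, 2048)) }
func aead(key []byte) cipher.AEAD { return must(cipher.NewGCM(must(aes.NewCipher(key)))) }

// Seal encrypts plain under a fresh bulk key, then wraps that key once per holder.
func Seal(plain []byte, holders ...*rsa.PublicKey) (blob []byte, wrapped [][]byte) {
	bulk, nonce := make([]byte, 32), make([]byte, 12)
	must(rand.Read(bulk))
	must(rand.Read(nonce))
	for _, pub := range holders { // e.g. the user and the recovery agent
		wrapped = append(wrapped, must(rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, bulk, nil)))
	}
	return aead(bulk).Seal(nonce, nonce, plain, nil), wrapped // blob = nonce || ciphertext || tag
}

// Open tries every wrapped copy; only a matching private key yields the bulk key.
func Open(blob []byte, wrapped [][]byte, priv *rsa.PrivateKey) ([]byte, error) {
	for _, w := range wrapped {
		bulk, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, w, nil)
		if err == nil && len(bulk) == 32 {
			return aead(bulk).Open(nil, blob[:12], blob[12:], nil)
		}
	}
	return nil, fmt.Errorf("bulk key unrecoverable: %d wrapped copies, none match this key", len(wrapped))
}

func main() {
	user, agent := NewKey(), NewKey()
	blob, wrapped := Seal([]byte("constructed sample"), &user.PublicKey, &agent.PublicKey)
	plain, _ := Open(blob, wrapped, agent)  // recovery agent unwraps its own copy
	_, err := Open(blob, wrapped, NewKey()) // a key that wrapped nothing
	fmt.Printf("agent recovered %q; unrelated key: %v\n", plain, err)
}
```

If the user's private key is gone, the only remaining path to the data is the recovery agent's wrapped copy; with neither private key, nothing in the blob or the wrapped copies gives the bulk key back.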

----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, January 15, 2002 9:02 AM
Subject: RE: MS EFS Question


> What happens if you lose the private key, and from there copy the files to a
> FAT or NTFS4 partition?
>
> Do they remain encrypted?
>
> -----Original Message-----
> From: Kevin Crichton [mailto:[EMAIL PROTECTED]]
> Sent: Monday, January 14, 2002 12:06 PM
> To: Rob Weiss
> Cc: 'leon'; [EMAIL PROTECTED]
> Subject: Re: MS EFS Question
>
>
> Encrypted files do *not* preserve their encrypted status when copied or
> moved to FAT partitions from NTFS partitions.
>
> Kevin Crichton, MCSE
> ICL, UK
>
> Rob Weiss wrote:
>
> > Leon (and others),
> >
> > I tried to verify this in some of my MS books, but couldn't find the
> > answer.
> >
> >
> > What I believe that I remember is this:  Encrypted files keep their
> > encryption when they are copied or moved, regardless of the destination
> > (NTFS or FAT).
> >
> > Rob
> >
> >  -----Original Message-----
> > From: leon [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, January 09, 2002 11:00 PM
> > To: [EMAIL PROTECTED]
> > Subject: MS EFS Question
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Hi everyone,
> >
> >
> > Quick (and perhaps easy?) question for the MS folks.
> >
> > If you have a file on an NTFS volume that is encrypted (with EFS) and
> > you transfer it to a fat32 partition what happens?  What happens if
> > you copy the EFS file from one NTFS volume to another?  I am going to
> > guess that in the 1st case it decrypts the file (not sure).  I am
> > pretty sure that in the 2nd case it retains the encryption.  Can
> > anyone quickly verify?  I don't have a fat32 partition to test on.
> > In the meantime I will try out the 2nd scenario and you are welcome
> > to mail me off-list if you are curious (unless someone answers it on
> > list).
> >
> > Thanks guys (and ladies of course).
> >
> > Cheers,
> >
> > Leon
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
> >
> > iQA/AwUBPD0RqtqAgf0xoaEuEQJiZwCgw7TNQs9wVbIZdxAdSZGR8J6D3IoAoNZz
> > SUCaNmqheFn+HZIPhSYY+Btp
> > =Ptbl
> > -----END PGP SIGNATURE-----
> >
>
>
