Hello,
Last week, the German magazine c't posted an interesting article about Microsoft's
Encrypted File System (EFS), which can be used with Win2K and WinXP.
Still, I think they missed some interesting questions.
First, as I understand it, user certificates are used for encryption. How and where are
these certificates stored in a networked environment? Are they stored with the user
profile and transmitted in the clear when the user logs on over an unencrypted connection
(a Win2K/XP box within an NT4 domain, or a Win2K domain controller not using encrypted
transfers)? Or are they only stored locally?
Second, are there any known weaknesses in, or further documentation for, DESX, the crypto
algorithm used by EFS? I've never heard of it before. Why didn't they use 3DES (speed, I
guess) or AES/Blowfish/IDEA/CAST/whatever? How does it compare to these algorithms?
Third, is it possible to disable the recovery agent ("master" key which can read all
encrypted files)?
Thanks,
Andreas
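Editor's added example, not from Andreas's post or from the c't article: the textbook DESX construction that the second question is about, as published by Rivest and later analysed by Kilian and Rogaway. It wraps single DES from the Python `cryptography` package (whose TripleDES class accepts an 8-byte key and expands it to K,K,K, which is plain DES) in the two 64-bit whitening keys that give DESX its 184-bit key. All key material, the IV and the message are constructed for the demo; nothing here claims how EFS itself derives or chains its keys.

```python
"""DESX: DES with 64-bit pre- and post-whitening keys.

    DESX_{K,K1,K2}(P) = K2 XOR DES_K(P XOR K1)

Added example (not from the original post). Single DES comes from the
`cryptography` package: its TripleDES accepts an 8-byte key, expands it to
K,K,K, and EDE with three equal keys is plain DES. Keys below are constructed
for the demo and say nothing about how EFS derives its own.
"""
from cryptography.hazmat.primitives.ciphers import Cipher, modes

try:  # cryptography >= 43 moved 3DES to the "decrepit" namespace
    from cryptography.hazmat.decrepit.ciphers.algorithms import TripleDES
except ImportError:
    from cryptography.hazmat.primitives.ciphers.algorithms import TripleDES

BLOCK = 8  # DES and DESX block size in bytes (unchanged by whitening)


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def des_block(key: bytes, block: bytes, encrypt: bool = True) -> bytes:
    """Raw single DES on one 8-byte block (ECB, no padding)."""
    if len(key) != BLOCK or len(block) != BLOCK:
        raise ValueError("DES needs an 8-byte key and an 8-byte block")
    cipher = Cipher(TripleDES(key), modes.ECB())
    op = cipher.encryptor() if encrypt else cipher.decryptor()
    return op.update(block) + op.finalize()


def desx_encrypt_block(key: bytes, k1: bytes, k2: bytes, block: bytes) -> bytes:
    """One DESX block: whiten input with K1, DES-encrypt, whiten output with K2."""
    if len(k1) != BLOCK or len(k2) != BLOCK:
        raise ValueError("whitening keys must be 8 bytes each")
    return _xor(k2, des_block(key, _xor(block, k1), encrypt=True))


def desx_decrypt_block(key: bytes, k1: bytes, k2: bytes, block: bytes) -> bytes:
    """Inverse of desx_encrypt_block: strip K2, DES-decrypt, strip K1."""
    return _xor(des_block(key, _xor(block, k2), encrypt=False), k1)


def desx_cbc_encrypt(key: bytes, k1: bytes, k2: bytes, iv: bytes, data: bytes) -> bytes:
    """CBC over DESX blocks with PKCS#7 padding, to show bulk use.

    The chaining mode and padding are chosen for the demo only; they are not a
    claim about how EFS chains its file blocks.
    """
    pad = BLOCK - len(data) % BLOCK
    data = data + bytes([pad]) * pad
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        prev = desx_encrypt_block(key, k1, k2, _xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def desx_cbc_decrypt(key: bytes, k1: bytes, k2: bytes, iv: bytes, data: bytes) -> bytes:
    """Inverse of desx_cbc_encrypt; rejects ragged ciphertext and bad padding."""
    if not data or len(data) % BLOCK:
        raise ValueError("ciphertext is not a whole number of blocks")
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        blk = data[i:i + BLOCK]
        out.append(_xor(desx_decrypt_block(key, k1, k2, blk), prev))
        prev = blk
    plain = b"".join(out)
    pad = plain[-1]
    if not 1 <= pad <= BLOCK or plain[-pad:] != bytes([pad]) * pad:
        raise ValueError("bad padding")
    return plain[:-pad]


if __name__ == "__main__":
    # Constructed demo keys: 56-bit DES key (with parity bits) plus two
    # 64-bit whitening keys; 184 key bits in total.
    K = bytes.fromhex("133457799BBCDFF1")
    K1 = bytes.fromhex("0011223344556677")
    K2 = bytes.fromhex("8899AABBCCDDEEFF")
    IV = bytes.fromhex("0102030405060708")
    msg = b"EFS test message, 27 bytes!"
    ct = desx_cbc_encrypt(K, K1, K2, IV, msg)
    print("DESX-CBC:", ct.hex())
    print("round trip ok:", desx_cbc_decrypt(K, K1, K2, IV, ct) == msg)
    # With both whitening keys zero, DESX collapses to plain DES.
    zero = bytes(BLOCK)
    p = bytes.fromhex("0123456789ABCDEF")
    print("DESX(0,0) == DES:", desx_encrypt_block(K, zero, zero, p) == des_block(K, p))
```

Setting both whitening keys to zero and comparing against `des_block` is the quickest way to see that DESX is DES plus whitening and nothing more: the extra 128 key bits were added to raise the cost of exhaustive key search, and they leave the 64-bit block size and the DES round function exactly as they were.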