Security Basics mailing list archives
Re: Windows private folder option decryption
From: Moritz Naumann <info () moritz-naumann com>
Date: Thu, 09 Dec 2004 11:44:23 +0100
Hey Jon!For a good read on encrypted file systems see http://www.linuxexposed.com/internal.php?op=modload&name=News&file=article&sid=512
Elcomsoft (known for their work on cracking the adobe ebook encryption) have a software for this. I never used it, though, so I can't say whether it's good or not.
http://www.crackpassword.com/products/prs/mswin/efs/If I recall correctly, their are two weaknesses in Windows' Encrypted File System (EFS):
- Decoding key hashes could be read from disk swap - 56 bit encryption onlyI assume the above software makes use of at least the first weakness, maybe both. If any usable key hashes are found this would be a fast way to recover the data. The second method would need brute forcing which will take quite a while.
Greetings, Moritz Naumann -- Moritz Naumann Hamburg, Germany
Current thread:
- Windows private folder option decryption Jon Lawhead (Dec 08)
- Re: Windows private folder option decryption Gaspar de ElĂas (Dec 09)
- RE: Windows private folder option decryption dave kleiman (Dec 09)
- Re: Windows private folder option decryption GuidoZ (Dec 09)
- RE: Windows private folder option decryption Hamish Stanaway (Dec 09)
- Re: Windows private folder option decryption xyberpix (Dec 09)
- Re: Windows private folder option decryption easternerd (Dec 10)
- Re: Windows private folder option decryption Ron (Dec 10)
- RE: Windows private folder option decryption Corey Watts-Jones (Dec 13)
- Re: Windows private folder option decryption easternerd (Dec 10)
- Re: Windows private folder option decryption Moritz Naumann (Dec 09)