Just recently I had to recover some encrypted data on my notebook (even with
my key saved on a floppy it wasn't so easy). It showed me that efs is doing
quit a good job.



Still I'm wondering how save the system really is:



I guess I shouldn't fear about how safe the key is. But how easy could it be
for an attacker to get the key?



I'm storing my key on the hard disk because I need constant access to the
encrypted data. In case my notebook is stolen I can see two ways that could
be used to access my data:



1. Someone tries to "hack" as "me" or as administrator into windows. Is that
possible? I guess it is, because my userpassword is just 6 letters long and
with some kind of device it should be possible to get it. Am I wrong? How
can I prevent that?



2. Someone just connects the hard disk to another computer. How easy is it
to grab the key from there and decrypt my data?



Greetings,

Peter.

I believe the question to ask is whether the EFS secured=20
data is more difficult to access than anyone is going to=20
be willing to invest the time and expert effort to get at it.

The main parameter in that question is what is stored and=20
who might have interest in getting it. If it has high enough=20
value to someone, and they are willing to steal you machine=20
then they will be able to get at the data.

However, I doubt that this will be a reality except in some=20
rather creepy scenarios, law enforcement vs their believed=20
adversaries, corporate espionage, etc..
At some point tools to make easy accessing EFS data in any=20
account at will in a stolen machine might be in script kiddy=20
hands, but AFAIK this is not so today and by then MS may=20
well adjust key issues of the design to thwart the capability.

--=20
Roger=20

"Peter Heilrath" > wrote in message =
...
> Just recently I had to recover some encrypted data on my notebook =
(even with
> my key saved on a floppy it wasn't so easy). It showed me that efs is =
doing
> quit a good job.
>=20
>=20
>=20
> Still I'm wondering how save the system really is:
>=20
>=20
>=20
> I guess I shouldn't fear about how safe the key is. But how easy could =
it be
> for an attacker to get the key?
>=20
>=20
>=20
> I'm storing my key on the hard disk because I need constant access to =
the
> encrypted data. In case my notebook is stolen I can see two ways that =
could
> be used to access my data:
>=20
>=20
>=20
> 1. Someone tries to "hack" as "me" or as administrator into windows. =
Is that
> possible? I guess it is, because my userpassword is just 6 letters =
long and
> with some kind of device it should be possible to get it. Am I wrong? =
How
> can I prevent that?
>=20
>=20
>=20
> 2. Someone just connects the hard disk to another computer. How easy =
is it
> to grab the key from there and decrypt my data?
>=20
>=20
>=20
> Greetings,
>=20
> Peter.
>=20
>=20
>=20
>=20
>=20
>=20
>=20
>

Peter Heilrath wrote:

> Just recently I had to recover some encrypted data on my notebook (even with
> my key saved on a floppy it wasn't so easy). It showed me that efs is doing
> quit a good job.
>
> Still I'm wondering how save the system really is:
>
> I guess I shouldn't fear about how safe the key is. But how easy could it be
> for an attacker to get the key?
>
> I'm storing my key on the hard disk because I need constant access to the
> encrypted data. In case my notebook is stolen I can see two ways that could
> be used to access my data:
>
> 1. Someone tries to "hack" as "me" or as administrator into windows. Is that
> possible? I guess it is, because my userpassword is just 6 letters long and
> with some kind of device it should be possible to get it. Am I wrong? How
> can I prevent that?
>
> 2. Someone just connects the hard disk to another computer. How easy is it
> to grab the key from there and decrypt my data?

Hi

If you store the exported EFS key on the same computer that it is used, there is
really no point in using EFS at all. This because in your scenario 2 it is just
to import the key on the other computer and decrypt away.

Even if you don't store the EFS key on the local computer, EFS is not very safe
without physical security for the computer. If someone gets hold of the
computer, there are password cracking programs out there that will crack most
users passwords in a reasonable time, and if you got the password, it is just to
log on to get access to your encrypted data.

That means that it is important to password protect your user account with a
*strong* (complex) password that is not to short (min. 8 characters). Some
suggestions for how to choose a password can be found here:

http://www.jmu.edu/computing/runsafe/index.shtml#safeguard


For the laptop computers in the company I work for, MS EFS is not an option, too
unsecure (ref. password crackers), and generally too much hassle with the
concept in it self.

If you really need security, you need to use a product that encrypts the entire
hard drive including Windows and user profiles. We use SafeGuard Easy from
Utimaco for this and is very pleased with it.

More info and products links:

http://securityadmin.info/faq.htm#harden [encryption is the last item here]


--
torgeir
Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of the 1328 page
Scripting Guide: http://www.microsoft.com/technet/scriptcenter

if you export your public/private keys the idea is to keep
it on a different media in secure place even though the
file is password protected - unsure of strength.

if you store your public and private keys (bydefault) on
the machine, efs is only as secure as the sam hashes/
cached domain login. weak password can be matched very
quickly, however if you use the alt+numoad method and add a
few unicode chars, matching will take a long time. the efs
encryption strength also varies ie, 3des is considered
stronger than desx - so check which type you are using.
128bit is stronger than 56bit - check again. smartcards can
hold encryption certificates instead of storing them on the
drive, making it more secure.

Torgeir Bakken is correct - fulldisk encryption is the only
way to go if you want real security (i predict that
fulldisk encryption is on the rise). - hey, he even
recommends safeguard easy :-) which i also use(sometimes).
you may also want to try using layered encryption for best
security - ie full disk encryption with an encrypted
virtual volume (ie pgpdisk) formatted with ntfs, storing
the files with efs 3des|aes/128bit encryption.

remember that their are some laws now that apply to
encryption in some countries and you could be forced to
open your encrypted documents. if this is a risk you may
want to consider something like http://www.rubberhose.org/
though only available in linux. strangely enough i wrote up
a very similar idea, though slightly simpler (read all the
backround docs) before finding that page.


>-----Original Message-----
>Peter Heilrath wrote:
>
>> Just recently I had to recover some encrypted data on my
notebook (even with
>> my key saved on a floppy it wasn't so easy). It showed
me that efs is doing
>> quit a good job.
>>
>> Still I'm wondering how save the system really is:
>>
>> I guess I shouldn't fear about how safe the key is. But
how easy could it be
>> for an attacker to get the key?
>>
>> I'm storing my key on the hard disk because I need
constant access to the
>> encrypted data. In case my notebook is stolen I can see
two ways that could
>> be used to access my data:
>>
>> 1. Someone tries to "hack" as "me" or as administrator
into windows. Is that
>> possible? I guess it is, because my userpassword is just
6 letters long and
>> with some kind of device it should be possible to get
it. Am I wrong? How
>> can I prevent that?
>>
>> 2. Someone just connects the hard disk to another
computer. How easy is it
>> to grab the key from there and decrypt my data?
>
>Hi
>
>If you store the exported EFS key on the same computer
that it is used, there is
>really no point in using EFS at all. This because in your
scenario 2 it is just
>to import the key on the other computer and decrypt away.
>
>Even if you don't store the EFS key on the local computer,
EFS is not very safe
>without physical security for the computer. If someone
gets hold of the
>computer, there are password cracking programs out there
that will crack most
>users passwords in a reasonable time, and if you got the
password, it is just to
>log on to get access to your encrypted data.
>
>That means that it is important to password protect your
user account with a
>*strong* (complex) password that is not to short (min. 8
characters). Some
>suggestions for how to choose a password can be found here:
>
>http://www.jmu.edu/computing/runsafe/index.shtml#safeguard
>
>
>For the laptop computers in the company I work for, MS EFS
is not an option, too
>unsecure (ref. password crackers), and generally too much
hassle with the
>concept in it self.
>
>If you really need security, you need to use a product
that encrypts the entire
>hard drive including Windows and user profiles. We use
SafeGuard Easy from
>Utimaco for this and is very pleased with it.
>
>More info and products links:
>
>http://securityadmin.info/faq.htm#harden [encryption is
the last item here]
>
>
>--
>torgeir
>Microsoft MVP Scripting and WMI, Porsgrunn Norway
>Administration scripting examples and an ONLINE version of
the 1328 page
>Scripting Guide: http://www.microsoft.com/technet/scriptcenter
>
>
>.
>