EFS works by encrypting a file with a bulk symmetric key, also known as the File Encryption Key, or FEK. It uses a symmetric encryption algorithm because encrypting and decrypting large amounts of data takes less time that way than with an asymmetric key cipher. The symmetric encryption algorithm used varies with the version and configuration of the operating system (see "Algorithms Used by Operating System Version" below).

The FEK (the symmetric key that is used to encrypt the file) is then encrypted with a public key that is associated with the user who encrypted the file, and this encrypted FEK is stored in the $EFS alternate data stream of the encrypted file. To decrypt the file, the EFS component driver uses the private key that matches the EFS digital certificate (used to encrypt the file) to decrypt the symmetric key that is stored in the $EFS stream. The EFS component driver then uses the symmetric key to decrypt the file.

Because the encryption and decryption operations are performed at a layer below NTFS, they are transparent to the user and all their applications. Folders whose contents are to be encrypted by the file system are marked with an encryption attribute.
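The key wrapping described above, modelled in user space as an added example (not code from the original page or from Windows). AES-256-GCM and RSA-OAEP from the Python `cryptography` package are assumptions standing in for whatever algorithms a given Windows version uses, and the `efs_stream` field is a hypothetical stand-in for the `$EFS` stream.

```python
# Added illustration of the FEK scheme; algorithm choices are assumptions,
# not a statement of what the EFS driver uses.
import os
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)

def encrypt_file(plaintext: bytes, user_public_key) -> dict:
    """Encrypt the data with a fresh FEK, then wrap the FEK for one user."""
    fek = AESGCM.generate_key(bit_length=256)        # bulk symmetric key (FEK)
    nonce = os.urandom(12)
    ciphertext = AESGCM(fek).encrypt(nonce, plaintext, None)
    # Only the wrapped FEK is stored beside the data, never the FEK itself.
    return {"data": nonce + ciphertext,
            "efs_stream": user_public_key.encrypt(fek, OAEP)}

def decrypt_file(record: dict, user_private_key) -> bytes:
    """Unwrap the FEK with the private key, then decrypt the data with it."""
    fek = user_private_key.decrypt(record["efs_stream"], OAEP)
    nonce, ciphertext = record["data"][:12], record["data"][12:]
    return AESGCM(fek).decrypt(nonce, ciphertext, None)

def demo() -> dict:
    owner = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    other_user = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    plaintext = b"constructed sample record\n" * 1000   # constructed input
    record = encrypt_file(plaintext, owner.public_key())
    try:
        decrypt_file(record, other_user)     # wrong private key: unwrap fails
        blocked = False
    except ValueError:
        blocked = True
    return {"owner_can_read": decrypt_file(record, owner) == plaintext,
            "other_user_blocked": blocked,
            "plaintext_bytes": len(plaintext),
            "data_bytes": len(record["data"]),
            "wrapped_fek_bytes": len(record["efs_stream"])}

if __name__ == "__main__":
    print(demo())
```

The slow asymmetric operation touches only the 32-byte FEK, which is why the bulk data can be any size; the flip side is that the data is unrecoverable without the private key that unwraps it.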