NTFS encryption foul-up

[CTho9305]

I has some encrypted files on my data partition (winXP) and then formatted my windows partition before backing up my credentials folder. Is there any way I can get those files back? I am administrator... 🙁

 

[Nothinman]

-> FAQ

 

[CTho9305]

Originally posted by: Nothinman
-> FAQ

note to self: AT FAQs can be more useful than google 🙂

crap... i guess those files are gone 🙁. no cracks? no stupid bugs in MS encryption?

edit: crap... it is supposed to be good encryption. why oh why must things be secure ONLY when it hurts you? 🙁. i'm feeling nice and stupid.

 

[AndyHui]

No cracks, no bugs. No way to get around it.

Once again I ask the question, why is it that people ignore what I have to say?

 

[CTho9305]

Originally posted by: AndyHui
No cracks, no bugs. No way to get around it.

Once again I ask the question, why is it that people ignore what I have to say?

because the FAQs rarely have answers to my questions.... so I dont check them first.

 

[n0cmonkey]

Originally posted by: AndyHui
No cracks, no bugs. No way to get around it.

None known 😉 Do you happen to know which algorith MS uses? I did a search a while back on their site and I dont hink I found the answer.

 

[n0cmonkey]

Originally posted by: CTho9305

Originally posted by: AndyHui
No cracks, no bugs. No way to get around it.

Once again I ask the question, why is it that people ignore what I have to say?

because the FAQs rarely have answers to my questions.... so I dont check them first.

There is still the search feature 😉

 

[mobly99]

None known Do you happen to know which algorith MS uses? I did a search a while back on their site and I dont hink I found the answer.

DESX by default, can also do 3DES

-Dave

--edit--
here is a good overview of EFS that talks about use of DESX link
--edit--

 

[stash]

No cracks, no bugs. No way to get around it.

ALL encryption can be broken...its just a matter of having the horsepower and patience to do it.

 

[CTho9305]

Originally posted by: STaSh

No cracks, no bugs. No way to get around it.

ALL encryption can be broken...its just a matter of having the horsepower and patience to do it.

have you seen the size of the keys? it would take an RC5-style project to crack in reasonable time 😉

 

[stash]

have you seen the size of the keys? it would take an RC5-style project to crack in reasonable time

...and you hit the nail on the head as far as effective encryption goes. The latest P4s can test around 8 million character combinations per second, but it would still take that processor 13 years to go through all the 8 character combinations that can be formed using the 95 printable ASCII characters (there are 6.6 quadrillion possibilities). However, most people dont choose good 8 character passwords, and therefore, most passwords can be cracked in less than 6 hours.

By the way, to go through all the 8 char ASCII combinations on the fastest machine circa 1979 would've taken 66 years at its then blistering pace of 50,000 combinations/sec.

Read this great article for the details on the state of passwords.

 

[n0cmonkey]

Who uses 8 character passwords? Im trying to come up with a 64 character password (the limit on OpenBSD IIRC) 😛

 

[Woodie]

Im trying to come up with a 64 character password (the limit on OpenBSD IIRC)

Now you have one: Im trying to come up with a 64 character password (the limit on
(note the space at the end!) Replace one character w/ a high-ASCII (assuming OBSD can handle it) and you're done. 😀

General FYI: the data encryption algorithm that M$ uses for EFS is DESX. (They use a different one that I haven't found yet to encrypt the DESX key for each file).

 

[singh]

Originally posted by: n0cmonkey
Who uses 8 character passwords? Im trying to come up with a 64 character password (the limit on OpenBSD IIRC) 😛

Heh.. mine are almost always 8-9 chars 😛

 

[GigaCluster]

Linux allows passwords up to 255 characters if you configure it to use MD5 encryption.
I wonder how many centuries it'd take to brute-force a password that long using today's machines.

For reference, my root password for my three machines is 21 characters long, and uses both upper/lower chars, digits, and symbols above digits. Good luck cracking something like that.

 

[n0cmonkey]

Originally posted by: GigaCluster
Linux allows passwords up to 255 characters if you configure it to use MD5 encryption.
I wonder how many centuries it'd take to brute-force a password that long using today's machines.

For reference, my root password for my three machines is 21 characters long, and uses both upper/lower chars, digits, and symbols above digits. Good luck cracking something like that.

MD5 hashes arent very long, there are bound to be duplicates out there somewhere... 😛

I really need to work on my passwords, some of them are good, some arent all that great.

 

[CTho9305]

Originally posted by: n0cmonkey

Originally posted by: GigaCluster
Linux allows passwords up to 255 characters if you configure it to use MD5 encryption.
I wonder how many centuries it'd take to brute-force a password that long using today's machines.

For reference, my root password for my three machines is 21 characters long, and uses both upper/lower chars, digits, and symbols above digits. Good luck cracking something like that.

MD5 hashes arent very long, there are bound to be duplicates out there somewhere... 😛

I really need to work on my passwords, some of them are good, some arent all that great.

you wanna type 64 characters??? i type 9 for my "best" and its hard enough to crack

 

[n0cmonkey]

Originally posted by: CTho9305

Originally posted by: n0cmonkey

Originally posted by: GigaCluster
Linux allows passwords up to 255 characters if you configure it to use MD5 encryption.
I wonder how many centuries it'd take to brute-force a password that long using today's machines.

For reference, my root password for my three machines is 21 characters long, and uses both upper/lower chars, digits, and symbols above digits. Good luck cracking something like that.

MD5 hashes arent very long, there are bound to be duplicates out there somewhere... 😛

I really need to work on my passwords, some of them are good, some arent all that great.

you wanna type 64 characters??? i type 9 for my "best" and its hard enough to crack

Sure, unless Im drunk. Then Id setup a user with almost no permissions so I cant screw anything up anyways 😛

 

[stash]

Who uses 8 character passwords? Im trying to come up with a 64 character password (the limit on OpenBSD IIRC)

Lol, unfortunately, long passwords in uncapable hands (not saying yours are), are no better than a blank password in some instances.

At work, we were running vunlerability scans with ISS. We had done this about six months ago and discovered the admin password on one of the servers on one of the networks. We found it because the idiot admin had made the account autologon on one of his servers. So after we told him, he tried to get tricky and changed the pass to a 20 character mess of random letters numbers and symbols. But the idiot still left the autologon set....so ISS grabbed the password again, saved it in its database, and proceeded to scan the other 200+ servers that he had used the same password with, finding the admin pass on each one 🙂

 

[farmercal]

Perhaps I am too new to the XP thing right now but could someone explain to me what happened to this guys files? I am using NTFS and would like to avoid what happened here if I can. From what I can gather when he reinstalled his OS he lost access to his files? If so, why? Shouldn't the passwords he used before still be valid? And if not can't they be converted to something else via PM7 or something?

 

[n0cmonkey]

Originally posted by: farmercal
Perhaps I am too new to the XP thing right now but could someone explain to me what happened to this guys files? I am using NTFS and would like to avoid what happened here if I can. From what I can gather when he reinstalled his OS he lost access to his files? If so, why? Shouldn't the passwords he used before still be valid? And if not can't they be converted to something else via PM7 or something?

He encrypted them, didnt back up the key, reinstalled (which deleted his key). The files are still there. I think he can still access them. But he cannot decrypt them. There is a FAQ on backing up your encryption key.

 

[Woodie]

NTFS permissions are NOT the same as encrypting the file. (see the FAQ).

You can reinstall the OS, and over-ride NTFS permissions. You cannot decrypt files without the keys that ENcrypted them. NTFSv5 (W2K and XP) adds support for EFS as an extended attribute, so it's a part of the file system. They can only provide encrypted file support on drives that are NTFSv5 formatted.

 

[CTho9305]

Originally posted by: n0cmonkey

Originally posted by: farmercal
Perhaps I am too new to the XP thing right now but could someone explain to me what happened to this guys files? I am using NTFS and would like to avoid what happened here if I can. From what I can gather when he reinstalled his OS he lost access to his files? If so, why? Shouldn't the passwords he used before still be valid? And if not can't they be converted to something else via PM7 or something?

He encrypted them, didnt back up the key, reinstalled (which deleted his key). The files are still there. I think he can still access them. But he cannot decrypt them. There is a FAQ on backing up your encryption key.

Yeah, he was a moron. 😉

To encrypt stuff, right-click a file/folder, choose properties. by the "attributes" is a button "advanced". in there you can encrypt stuff. as long as you back up your key, it is pretty safe, but if you dont, make sure you dont lose the key 😉