Windows 2000 Encrypting File System

Windows 2000 provides a means of securing file system data through encryption. The Windows 2000 Encrypting File System (EFS) allows users to encrypt and decrypt files on the fly, while offering an effective security mechanism that's essentially transparent to the user.

Providing file system security with EFS

All Windows 2000 platforms include EFS, which allows administrators to protect the file system from unauthorized access. EFS is primarily intended to protect the file system on a physically insecure computer. A server kept behind locked doors that has no removable storage devices is not a likely candidate for EFS.

Although encrypting individual files is a start, it doesn't provide the level of security you might need. Rather than look to solutions that provide file-by-file encryption, you need a solution that can automatically encrypt and decrypt files in an entire folder or volume. EFS does just that.

To use EFS, you must also use NTFS, as EFS relies on NTFS reparse points and an installable NTFS file system filter that handles the encryption/decryption process (both new features of NTFS 5.0). You can't protect FAT volumes or folders with EFS for that reason. In addition, EFS doesn't encrypt network traffic, so when a user accesses encrypted files from a server or transfers encrypted files from his or her workstation to another computer, those files are sent unencrypted across the network and are therefore subject to the same security risks as unencrypted files. If you need the highest possible security for your data and added security for network transfers, implement a network encryption mechanism such as IPSec in addition to EFS.

The implementation of EFS in Windows 2000 uses the Data Encryption Standard X (DESX), which provides 128-bit encryption. Windows 2000 encrypts each file with a randomly generated, unique file encryption key, independent of the user's public/private key pair. Using a unique encryption key for each file provides an excellent level of security and makes it extremely difficult to break the encryption on an entire volume or even a single folder. Brute-force attempts would eventually succeed on a single file, but the time required to decrypt a large amount of data would be
EFS automatically generates a bulk symmetric encryption key and encrypts the file using that key. It then encrypts the bulk encryption key (called a File Encryption Key [FEK]) with the user's public key. EFS stores the FEK for an encrypted file within the encrypted file in an attribute called the Data Decryption Field (DDF). It also encrypts the bulk encryption key using the recovery agent's public key. This second encrypted copy of the FEK is stored in the Data Recovery Field (DRF) of the file. The DRF can contain data for multiple recovery agents.

Each time EFS saves the file, it generates a new DRF using the current recovery agent list, which is based on the recovery policy. Encryption and decryption are transparent to the user and happen automatically as the file is read from and written to the disk. You can open an encrypted document using the document's parent application--either inside or outside of the application--without any special preparation or procedure.
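The key hierarchy just described, as an added Go model that is not code from the book or from Windows: a random FEK per file, wrapped once for the owner into the DDF and once for each recovery agent into the DRF, so the owner or any agent in the current policy can recover the file. It assumes AES-128-GCM and RSA-OAEP in place of DESX and CryptoAPI, and the EncryptedFile layout is constructed, not the real $EFS attribute.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// EncryptedFile is a constructed model of the layout described above (not the real
// NTFS $EFS attribute): ciphertext, FEK wrapped for the owner (DDF), FEK per agent (DRF).
type EncryptedFile struct {
	Nonce, Ciphertext, DDF []byte
	DRF                    [][]byte
}

// Encrypt draws a fresh FEK per file, then wraps it (RSA-OAEP) for owner and each agent.
func Encrypt(plain []byte, owner *rsa.PublicKey, agents []*rsa.PublicKey) (*EncryptedFile, error) {
	buf := make([]byte, 16+12) // 16-byte FEK followed by a 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	fek, nonce := buf[:16], buf[16:]
	block, _ := aes.NewCipher(fek) // AES-128-GCM stands in for DESX; a 16-byte key cannot fail
	gcm, _ := cipher.NewGCM(block)
	ef := &EncryptedFile{Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, plain, nil)}
	var wrapped [][]byte
	for _, pub := range append([]*rsa.PublicKey{owner}, agents...) {
		w, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, fek, nil)
		if err != nil {
			return nil, err
		}
		wrapped = append(wrapped, w)
	}
	ef.DDF, ef.DRF = wrapped[0], wrapped[1:] // owner's copy, then one per agent in the policy
	return ef, nil
}

// Decrypt tries the DDF, then each DRF entry: the owner or any listed agent recovers the FEK.
func Decrypt(ef *EncryptedFile, priv *rsa.PrivateKey) ([]byte, error) {
	for _, w := range append([][]byte{ef.DDF}, ef.DRF...) {
		if fek, err := rsa.DecryptOAEP(sha256.New(), nil, priv, w, nil); err == nil {
			block, _ := aes.NewCipher(fek)
			gcm, _ := cipher.NewGCM(block)
			return gcm.Open(nil, ef.Nonce, ef.Ciphertext, nil)
		}
	}
	return nil, errors.New("no DDF or DRF entry matches this key")
}
```

Re-encrypting on every save with the current agent list, as the text describes, is just calling Encrypt again with the new agents slice; a key that appears in neither the DDF nor the DRF gets only the error.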