Use the Web, University Library, or other sources to find out specifics about the Encrypted File System that is part of Windows. Describe this file system, and any strengths and any weaknesses you find. Write a 3 to 4 page paper, use APA format, and adhere to the writing rubric.
Encrypted file system
File-system-level encryption is provided by the Encrypted File System (EFS) in Windows. This file system helps protect data from malicious attacks and keeps our data confidential. Encryption is enforced by the user, who can encrypt a single file, a whole directory, or the whole drive. By default, files are not encrypted.
Encryption is transparent to the user: when the user makes changes to a file and saves it again, EFS automatically encrypts the file.
Need for Encryption
Our computer systems hold important data, such as information related to our bank details. This information must be protected from attacks. Since most people use the internet, there is a chance that a virus may come from the internet and harm this important information, or that an attacker may use the information for their own benefit. Security of this information is therefore necessary.
There is a need to protect these files, and encryption is the best solution.
Multiple user concept
EFS plays a crucial role when multiple users are using the same system. EFS provides security on a per-user basis, not a per-machine basis, so there is no chance of clashes among the users. It ensures that users can't access each other's data.
An access denied message is shown if a user tries to access another user's data.
Working of EFS
To encrypt a file or other data we need an algorithm and keys, such as a public or private key. With the help of the keys, the information is converted into codes, and these codes are secret, meaning they hide the true meaning of the information. For example, we can say that a means c, b means d and c means f and so on. So here the actual meaning of the information is changed. There are various methods that provide this coding of data, that is, encryption. To read the actual information, a decryption algorithm is applied.
The basic terms used in EFS are the following.
1> Algorithm: This file system uses a symmetric encryption algorithm. The reason is that an asymmetric algorithm takes more time for encryption.
2> FEK: A symmetric key, called the FEK (file encryption key), is used to encrypt the file. The good point here is that the FEK is itself encrypted with the public key of the user. For decryption of the file, digital certificates are used. All of this is transparent to the users and also to applications.
3> Encryption attribute: This attribute marks the files that are to be encrypted. If a marked folder has subfolders or files in it, these are also encrypted.
4> Handling encrypted files: Encrypted files are handled by the current encryption driver.
5> Backup and restore: Backup of encrypted files is done by the raw encryption functions. Here the create file, read file and write file commands are used.
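A small model of the FEK scheme described above, written in PowerShell as an added example (it is not code from the original answer and not EFS's own implementation). The two RSA key pairs, the function names, the sample text and the choice of AES with RSA-OAEP are assumptions made for illustration.

```powershell
using namespace System.Security.Cryptography

# Constructed stand-ins: two RSA key pairs play the role of two users' key pairs.
$alice = [RSACryptoServiceProvider]::new(2048)
$bob   = [RSACryptoServiceProvider]::new(2048)

function Protect-WithFek {
    param([byte[]]$Data, [RSACryptoServiceProvider]$OwnerKey)
    $aes = [Aes]::Create()                     # fresh random symmetric key = the FEK
    try {
        $enc = $aes.CreateEncryptor()
        [pscustomobject]@{
            CipherText = $enc.TransformFinalBlock($Data, 0, $Data.Length)  # bulk data, symmetric
            IV         = $aes.IV
            WrappedFek = $OwnerKey.Encrypt($aes.Key, $true)  # FEK encrypted with the public key (OAEP)
        }
    } finally { $aes.Dispose() }
}

function Unprotect-WithFek {
    param($Blob, [RSACryptoServiceProvider]$UserKey)
    $aes = [Aes]::Create()
    try {
        $aes.Key = $UserKey.Decrypt($Blob.WrappedFek, $true)  # requires the matching private key
        $aes.IV  = $Blob.IV
        $dec = $aes.CreateDecryptor()
        $dec.TransformFinalBlock($Blob.CipherText, 0, $Blob.CipherText.Length)
    } finally { $aes.Dispose() }
}

# Constructed sample data.
$data = [Text.Encoding]::UTF8.GetBytes('constructed sample: account notes')
$blob = Protect-WithFek -Data $data -OwnerKey $alice

# The owner recovers the FEK and reads the file.
[Text.Encoding]::UTF8.GetString([byte[]](Unprotect-WithFek -Blob $blob -UserKey $alice))

# A second user holds a different private key, so unwrapping the FEK fails.
try {
    Unprotect-WithFek -Blob $blob -UserKey $bob | Out-Null
    'unexpected: second user decrypted the file'
} catch {
    'second user cannot unwrap the FEK: ' + $_.Exception.GetType().Name
}
```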
Steps for encryption of a file on Windows
The steps for encryption are the following.
1> First open Windows Explorer. Right-click on the file or folder you want to encrypt.
2> Select Properties from the context menu.
3> Click on the Advanced button.
4> Go to the compress or encrypt attributes in the Advanced Attributes dialog.
5> Check "Encrypt contents to secure data".
6> Then click OK and click Apply.
7> Then select the option to apply changes to the selected files and folders.
8> Now back up your file encryption key. Use a USB drive for the backup.
9> Now create your certificate.
10> Enter the password.
11> Finish.
12> Eject the USB drive.
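The same procedure can be carried out and checked from a PowerShell prompt with the built-in `cipher` tool. This is an added example, not part of the original answer; the folder path, the backup path on the removable drive and the `Get-UnencryptedItem` helper are assumptions.

```powershell
# Assumed paths (constructed for this example); the folder must be on an NTFS volume.
$Folder = 'C:\Users\Public\Documents\EfsDemo'
$Backup = 'E:\efs-key-backup'          # file name on the USB drive for the key backup

# Steps 1-7: create a sample file, then set the encryption attribute on the
# folder and everything below it.
New-Item -ItemType Directory -Path $Folder -Force | Out-Null
$Sample = Join-Path $Folder 'bank.txt'
Set-Content -Path $Sample -Value 'constructed sample data'
cipher /e "/s:$Folder" | Out-Null

# Check: report anything under the folder that does not carry the Encrypted attribute.
function Get-UnencryptedItem {
    param([Parameter(Mandatory)][string]$Path)
    Get-ChildItem -LiteralPath $Path -Recurse -Force |
        Where-Object { -not $_.Attributes.HasFlag([IO.FileAttributes]::Encrypted) }
}
$missed = @(Get-UnencryptedItem -Path $Folder)
if ($missed.Count -gt 0) {
    Write-Warning "Not encrypted: $($missed.FullName -join ', ')"
} else {
    Write-Output "All items under $Folder are EFS-encrypted."
}

# Show which users (and recovery agents, if any) are able to decrypt the file.
cipher /c $Sample

# Steps 8-11: back up the EFS certificate and keys to the USB drive.
# cipher asks for confirmation and for the password that protects the backup.
cipher /x $Backup
```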
Important features of EFS
Some of the important features of EFS are the following.
1> File encryption keys can be recovered from a USB drive or from a server.
2> These keys are protected with the help of a password.
3> If a user loses their key, a data recovery agent can be used to restore the key.
4> Encryption is transparent.
5> If a particular folder is selected for encryption, all of its subfolders are also encrypted.
6> The latest versions use RSA and AES.
Files that are not protected by EFS
Some files are not protected by EFS. They are the following.
1> Files sent via email are not protected.
2> Files that are moved to another network or to another device.
3> System and page files are also not encrypted.
4> Compressed files are also not encrypted.
Strength
The main benefits of EFS are the following.
1> It is transparent to the user. This means the file system automatically encrypts or decrypts the information on behalf of the user. The user does not need to remember a password or key for encryption and decryption.
2> The keys for encryption and decryption are not vulnerable to dictionary attacks. So, EFS provides security for the keys.
3> Attackers generally capture keys from the paging table. So, in EFS, encryption and decryption are done in kernel mode.
4> In EFS there is an option that lets the user restore their data.
5> Files remain encrypted when they are moved to another folder or to another NTFS drive.
Weakness
The main drawbacks of this system are the following.
1> New users may find EFS too difficult to understand. They have to read manuals and documentation.
2> There are situations in which a user can lose their data, for example at the time of operating system reinstallation.
3> In case of operating system failure, it is very difficult to get access to encrypted files because the keys are lost.
4> The data in a file may leak into temporary files.
5> Key management is a hectic task.