Contents

Talk:Encrypting File System

This article is rated B-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Cryptography: Computer science This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.CryptographyWikipedia:WikiProject CryptographyTemplate:WikiProject CryptographyCryptography articles ??? This article has not yet received a rating on the importance scale. This article is supported by WikiProject Computer science. Microsoft Mid‑importance This article is within the scope of WikiProject Microsoft, a collaborative effort to improve the coverage of articles relating to Microsoft on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.MicrosoftWikipedia:WikiProject MicrosoftTemplate:WikiProject MicrosoftMicrosoft articles Mid This article has been rated as Mid-importance on the project's importance scale. Microsoft Windows: Computing Mid‑importance This article is within the scope of WikiProject Microsoft Windows, a collaborative effort to improve the coverage of Microsoft Windows on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Microsoft WindowsWikipedia:WikiProject Microsoft WindowsTemplate:WikiProject Microsoft WindowsMicrosoft Windows articles Mid This article has been rated as Mid-importance on the project's importance scale. This article is supported by WikiProject Computing. Computing: Software Mid‑importance This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing articles Mid This article has been rated as Mid-importance on the project's importance scale. This article is supported by WikiProject Software (assessed as Mid-importance). Computer Security: Computing Mid‑importance This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Computer SecurityWikipedia:WikiProject Computer SecurityTemplate:WikiProject Computer SecurityComputer Security articles Mid This article has been rated as Mid-importance on the project's importance scale. This article is supported by WikiProject Computing (assessed as Mid-importance). Things you can help WikiProject Computer Security with: Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information... Answer question about Same-origin_policy Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here.

File system on file system?

[edit]

Is EFS, so to speak, a file system on another file system (NTFS)? --Abdull 18:49, 28 November 2005 (UTC)[reply]

Yep, it seems so. From the first external link: "EFS protects sensitive data in files that are stored on disk using the NTFS file system". — Matt Crypto 18:57, 28 November 2005 (UTC)[reply]

No. EFS is not a file system. It is an add-on to NTFS where the data gets encrypted and some information needed to decrypt the data is stored in a NTFS stream.

— Dominik Weber 6/13/2006

No. EFS is currently described by Microsoft as a component driver, and was previously compared to filesystem filters (which is a reasonable approximation of the net effect). It merely intercepts calls to some APIs such as CreateFile() and performs the decryption needed to service the API request.

User:ParanoidMike 2007/06/14

This article conflicts with it self. The majority of the article says that the files are encrypted with a symetric encryption algorithim with that key that is in turn encrypted asymetrically.

However, the Recovery part of the Security section says that the files are not even encrypted. There are some space/comma problems. Looks like a defacement to me? —Preceding unsigned comment added by 128.231.88.4 (talk)

if "encrypting file system" is a windows only thing a disambiguation link at the top would help. I know similar things exist for Mac and Linux. --169.229.215.5 21:50, 22 September 2006 (UTC)[reply]

Filesystems with embedded cryptographic features do exist on other OSs (e.g. CryptoFS on Linux) but the existing documentation appears to point out that they are separate (and incompatible) implementations of the same basic idea (i.e. cryptographic support is done "just in time" when writing/reading bits to/from the physical device). So it appears that "Encrypting File System" (and "EFS" as an acronym in this sense) is indeed a Windows-only thing. I will update the article accordingly. --Mauro Cicognini (talk) 13:30, 11 January 2010 (UTC

hello man this is

The article mentions that both AES and 3DES are used, but does not elaborate further. Which is it, and under what circumstances? —Preceding unsigned comment added by Mojo-chan (talk • contribs)

I've added a table called "Algorithms Used by Operating System Version". Does that provide the clarity you're asking for?--ParanoidMike 14:12, 14 August 2007 (UTC)[reply]

Replay:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS

REG_DWORD value named AlgorithmID.

0x6604: Use the DESX algorithm, which is compatible with all versions of Windows 2000 and Windows XP.

0x6603: Use the 3DES algorithm, which is compatible with all versions of Windows XP and Windows Server 2003.

0x6610: Use the AES 256-bit algorithm (the default value, which is only compatible with Windows XP SP1 or later, Windows Server 2003 and Windows Vista).

Seen on: http://searchwinit.techtarget.com/tip/0,289483,sid1_gci935154,00.html?topic=299543 —Preceding unsigned comment added by 84.77.191.227 (talk)

Further to this, even if the same encryption algorithm is used by Windows XP (or Windows Server 2003) and Windows Vista, EFS encrypted files accessed, created or modified by Windowd Vista are rendered inaccessible in Windows XP (and Windows Server 2003) despite the files being previously accessible.

http://support.microsoft.com/kb/939391 --121.209.113.46 04:37, 8 August 2007 (UTC)[reply]

Why does CryptFS redirect to this page? The *Nix FS and the Win FS is different. 74.121.106.7 16:04, 10 March 2007 (UTC)[reply]

Are the statements listed there "misunderstandigs" i.e. false, or are they true ? --Xerces8 19:20, 21 September 2007 (UTC)[reply]

Some of them are definitely false (at least in XP, do not have enough knowledge about 2k). Don't know about the rest. Also they are uncited. So, I think, they should probably be removed for now pending citing and verification. --soum ^talk 07:58, 22 September 2007 (UTC)[reply]

I removed the section; I agree, they're very ambiguous and unsourced. -- intgr [talk] 13:25, 22 September 2007 (UTC)[reply]

There is an error while saying that Windows Premium includes EFS.

As seen here: http://www.microsoft.com/latam/windows/products/windowsvista/editions/choose.mspx Windows Home Preimum does not support it —Preceding unsigned comment added by 84.77.128.111 (talk) 15:32, 16 January 2008 (UTC)[reply]

My experience shows, that even when a volume is encrypted from the root (that is all maps and files), all the file and directory names are visible. They are not encrypted. Usually when "hiding" files, one also don't want the file and folder structure to be visible to others. Is there something to be done ? Some setting that also encrypts the file and directory names ? --Xerces8 (talk) 10:58, 18 April 2008 (UTC)[reply]

EFS is not used for "hiding" files and folders. Rather it is used to make file data unusable. You can couple it with file/folder permissions to make that folder out of bounds to unauthorized users. --soum ^talk 12:40, 18 April 2008 (UTC)[reply]

Using MS EFS and file/folder permissions doesn't give that much protection. Instead you should use some real disk encryption software like TrueCrypt that encrypts the whole disk volume or even better the whole disk. Then nothing is visible for attackers who don't have the password/key, they can't even see if the disk has any files or not.

--David Göthberg (talk) 13:10, 18 April 2008 (UTC)[reply]

EFS is not designed to protect privacy; rather it's designed to protect security by making file contents unusable for someone who can't decrypt them. A quick-and-dirty way to hide file names and directory structure, whether using EFS or not, is to compress the files into an encrypted 7z archive with the 7-Zip utility (selecting LZMA2 compression and AES encryption, and also enabling the file name encryption checkbox). Sofia Koutsouveli (talk) 18:00, 12 March 2014 (UTC)[reply]

I'd appreciate a discussion somewhere in the article of the difference between Bitlocker and EFS. Tempshill (talk) 00:07, 16 June 2008 (UTC)[reply]

Yeah, me to. If I remember it and have time, I'll do it (if it's not already there). The simple explanation is that Bitlocker encrypts an entire partition, for whatever it's worth over network, while EFS is an NTFS addition that provides some automatic single-file encryption for most entities saved in an encryption marked directory, for whatever it's worth over network. In my mind, a reliable encryption system does this in a similar way as EFS, but does never decrypt a file before sending it over a network, instead the file is sent encrypted over the network and decrypted locally in a user-invisible cache, which is automagically overwritten by the system when the user saves and closes the file. Rursus dixit. (^mbork³!) 16:40, 30 September 2011 (UTC)[reply]

That's right we should surely mention Bitlocker in the article. EFS is a feature provided by the NTFS file system and should work independently of the operating system as long as the O/S supports this NTFS feature, whereas Bitlocker is a program included in some versions of the Microsoft Windows operating system and doesn't involve the NTFS EFS feature. So, the EFS feature is more low-level and thus more direct than the Bitlocker feature. In theory, if you had another O/S which could work with NTFS then it could also work with EFS encryption whereas it wouldn't work with Bitlocker encryption, unless it also had its own program implementing Bitlocker's capabilities. Sofia Koutsouveli (talk) 17:46, 12 March 2014 (UTC)[reply]

The security section is a bit vague to me. It says there are "two significant security vulnerabilities in Windows 2000" but doesn't explicitly state what those are. Also if anyone could add if these are still an issue in later versions, i think it would be quite helpful. TizzyFoe (talk) 18:23, 24 September 2008 (UTC)[reply]

Is there any reason, except the usual Win-mismodularity, that makes it impossible to compress an EFS-encrypted file? Manually compressing a file by say gzip, and then encrypting it should provide no problem whatsoever, but why is it impossible in the Win7 file properties dialog? Rursus dixit. (^mbork³!) 16:33, 30 September 2011 (UTC)[reply]

• It's a Windows problem rather than a general encryption-and-compression problem. Microsoft could have implemented this right if they really wanted. Sofia Koutsouveli (talk) 17:49, 12 March 2014 (UTC)[reply]

The article has a heavy bias in favor of Microsoft. It mentions in detail all different shades and brands of encrypting file systems in Windows and neglects other operating systems, which have more advanced encrypting file systems. On the other hand it fails to mention all threats posed by the Microsoft solution (such as backdoors and the impossibility to do an independent code and security review since the source code is not published) — Preceding unsigned comment added by 93.207.215.193 (talk) 12:16, 20 November 2013 (UTC)[reply]

You've evidently confused this article on an NTFS feature with a survey article on filesystem-level encryption. The "heavy bias" is in fact topicality. Yappy2bhere (talk) 23:58, 30 November 2013 (UTC)[reply]

What could we do to overcome the systemic bias you describe? Can you point to some sources that we can use as references to include neutral information in the article and make it unbiased? Sofia Koutsouveli (talk) 17:39, 12 March 2014 (UTC)[reply]

Does the Windows 7+ implementation utilise AES-NI instructions? — Preceding unsigned comment added by 168.132.10.250 (talk) 14:23, 24 February 2015 (UTC)[reply]

Android (specifically Samsung devices) has a partition called EFS, which is reportedly an acronym for Encrypting File System. However, in Android, EFS stores IMEI, MAC addresses, and other network & connectivity related data.

This should be disambiguated. On a similar note, Amazon EC2 uses a FS called EFS that stands for Elastic File System. ¬Hexafluoride ^(talk) 13:06, 23 April 2015 (UTC)[reply]

But, no official infomation. --211.127.228.179 (talk) 16:48, 19 July 2015 (UTC)[reply]

Build 10547 adds EFS on exFAT. But, no official infomation.--211.127.228.179 (talk) 15:31, 19 September 2015 (UTC)[reply]

Hello fellow Wikipedians,

I have just added archive links to one external link on Encrypting File System. Please take a moment to review my edit. If necessary, add {{cbignore}} after the link to keep me from modifying it. Alternatively, you can add {{nobots|deny=InternetArchiveBot}} to keep me off the page altogether. I made the following changes:

• Added archive http://web.archive.org/web/20110604213745/http://download.microsoft.com/download/e/b/a/ebafefc9-4b64-4816-8778-9fb33c8c43d9/31_Rights_Management_og_Encrypting_File_Systems.pdftohttp://download.microsoft.com/download/e/b/a/ebafefc9-4b64-4816-8778-9fb33c8c43d9/31_Rights_Management_og_Encrypting_File_Systems.pdf

When you have finished reviewing my changes, please set the checked parameter below to trueorfailed to let others know (documentation at {{Sourcecheck}}).

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 5 June 2024).

• If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
• If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—^{cyberbot II}_{Talk to my owner:Online} 13:55, 28 February 2016 (UTC)[reply]

Hello fellow Wikipedians,

I have just modified one external link on Encrypting File System. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

• Added {{dead link}} tag to http://technet2.microsoft.com/windowsserver2008/en/library/69f04dd7-bced-4079-84e9-095b8dc563991033.mspx?mfr=true
• Added archive https://web.archive.org/web/20080325134925/http://technet2.microsoft.com:80/windowsserver2008/en/library/f843023b-bedd-40dd-9e5b-f1619eebf7821033.mspx?mfr=truetohttp://technet2.microsoft.com/windowsserver2008/en/library/f843023b-bedd-40dd-9e5b-f1619eebf7821033.mspx?mfr=true

When you have finished reviewing my changes, please set the checked parameter below to trueorfailed to let others know (documentation at {{Sourcecheck}}).

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 5 June 2024).

• If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
• If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 15:46, 10 November 2016 (UTC)[reply]

Hello fellow Wikipedians,

I have just modified one external link on Encrypting File System. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

• Added archive https://web.archive.org/web/20160212202653/http://www.pogostick.net/~pnh/ntpasswd/tohttp://pogostick.net/~pnh/ntpasswd/

When you have finished reviewing my changes, please set the checked parameter below to trueorfailed to let others know (documentation at {{Sourcecheck}}).

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 5 June 2024).

• If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
• If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 04:44, 24 December 2016 (UTC)[reply]