Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Transferred encrypted files


  • Please log in to reply
4 replies to this topic

#1 lithiumforce

lithiumforce

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:57 AM

Posted 05 June 2010 - 01:13 PM

Hey all, I am on my desktop, it was previously windows xp, i copied all my files onto a new hard drive then proceeded to wipe the old drive and clean install windows 7. now i have transferred my files all back, unfortunately one folder had encryption enabled (right click, properties, advanced, encrypt to secure) and now it won't let me access all those files.

Is there a solution or is it all lost?

thanks in advance!

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:07:57 AM

Posted 05 June 2010 - 01:22 PM

Do you have the keys you created to encrypt that folder? If not then the entire folder is gone.

#3 lithiumforce

lithiumforce
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:57 AM

Posted 05 June 2010 - 01:23 PM

what do you mean keys... do you mean password? cuz i'm pretty unimaginative, i can figure it out, if keys means some sort of file, then definitely not...

#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:07:57 AM

Posted 05 June 2010 - 01:27 PM

You should have been prompted to create keys that can decrypt the files or folder. As described here:

The following is the list of standard practices:

* Teach users to export their certificates and private keys to removable media and store the media securely when it is not in use. For the greatest possible security, the private key must be removed from the computer whenever the computer is not in use. This protects against attackers who physically obtain the computer and try to access the private key. When the encrypted files must be accessed, the private key can easily be imported from the removable media.
* Encrypt the My Documents folder for all users (User_profile\My Documents). This makes sure that the personal folder, where most documents are stored, is encrypted by default.
* Teach users to never encrypt individual files but to encrypt folders. Programs work on files in various ways. Encrypting files consistently at the folder level makes sure that files are not unexpectedly decrypted.
* The private keys that are associated with recovery certificates are extremely sensitive. These keys must be generated either on a computer that is physically secured, or their certificates must be exported to a .pfx file, protected with a strong password, and saved on a disk that is stored in a physically secure location.
* Recovery agent certificates must be assigned to special recovery agent accounts that are not used for any other purpose.
* Do not destroy recovery certificates or private keys when recovery agents are changed. (Agents are changed periodically). Keep them all, until all files that may have been encrypted with them are updated.
* Designate two or more recovery agent accounts per organizational unit (OU), depending on the size of the OU. Designate two or more computers for recovery, one for each designated recovery agent account. Grant permissions to appropriate administrators to use the recovery agent accounts. It is a good idea to have two recovery agent accounts to provide redundancy for file recovery. Having two computers that hold these keys provides more redundancy to allow recovery of lost data.
* Implement a recovery agent archive program to make sure that encrypted files can be recovered by using obsolete recovery keys. Recovery certificates and private keys must be exported and stored in a controlled and secure manner. Ideally, as with all secure data, archives must be stored in a controlled access vault and you must have two archives: a master and a backup. The master is kept on-site, while the backup is located in a secure off-site location.
* Avoid using print spool files in your print server architecture, or make sure that print spool files are generated in an encrypted folder.
* The Encrypting File System does take some CPU overhead every time a user encrypts and decrypts a file. Plan your server usage wisely. Load balance your servers when there are many clients using Encrypting File System (EFS).


From: Best practices for the Encrypting File System

So without the decryption keys that folder is pretty much wasted.

#5 lithiumforce

lithiumforce
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:57 AM

Posted 05 June 2010 - 01:28 PM

ah that's what i figured, too bad.

thanks for your help!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users