I’ve had several blog posts about the improved security in Windows Vista and Server 2008, particularly around cryptography. Here’s one more, albeit a short one.
This post is about how, in general terms, the Encrypting File System (EFS) uses the Advanced Encryption Standard (AES) algorithm to encrypt files.
Why is this at all interesting? Well, many government agencies, and the businesses which work closely with them, need to meet a particular security compliance standard, usually referred to simply as FIPS. So a better understanding of how AES is applied in specific scenarios can be helpful.
In the post Server 2008 and Windows Vista: Encryption Better Together we talked about some basic logic on Vista and 2008 that can help you understand when the better encryption methods will be used for Kerberos authenticated actions over the network.
We do have a Knowledge Base article which discusses a setting for the client computer which makes it use only FIPS-compliant security, such as AES encryption, whenever encryption is used. That article is here, but I expect an update which makes the article a bit better to be coming out soon, so keep checking back on it. The article essentially goes over the global setting for the minimum allowed system cryptography methods.
The above paragraph is a good segue into a question which recently came up: what happens if you have an upgraded computer which has previously EFS-encrypted files on it, and that computer is set for FIPS-compliant cryptography only? In the prior operating system (Windows XP or Server 2003) the files could not have been encrypted using AES, so what happens once the server or workstation is upgraded to Windows Vista or Server 2008? This can make a big difference for folks who are required to have every piece of data which can use the best encryption actually use that best encryption.
The simple answer is that the files remain as they are, encrypted with the older (non-AES or Suite B) encryption algorithm. Why is that, you ask?
Well it all stems from how EFS works under the hood. A short explanation is this…
When you manually choose to encrypt a file or directory, the encryption algorithm is used to create an encryption key from the recovery agent certificate and the user certificate. That encryption key is then used to encrypt the data of the file, and a header is placed on the file which contains the File Encryption Key (FEK) in a Data Recovery Field or Fields (DRF; one per recovery agent) and in the Data Decryption Field (DDF).
In order to decrypt a file, the user's key must match the one which encrypted the file in the first place. Since that key is generated using a particular encryption algorithm, and the DDF is stored with the file on your hard disk, nothing about this changes over time. So, if I encrypt a file using AES to generate the encryption key, then I will only ever decrypt the file using that same encryption algorithm.
The opposite holds true as well: if the file was encrypted using some other, older encryption algorithm, then that is what the file will require for on-the-fly decryption as the user opens it to do his or her daily business, and equally for decrypting or recovering the file entirely.
For a more detailed and most excellently written explanation of how EFS works I recommend you go here.
And that leads us back to the actual question which prompted this blog post: what happens to those files that were encrypted on an operating system which doesn't support AES? The answer is that they keep using the encryption method their encryption key (the FEK stored in the file header) was generated with.
There is no action on operating system upgrade, or on file migration, which will decrypt the file and re-encrypt it using a different or more secure encryption method. So, if you are upgrading to Windows Vista or Server 2008 and you need your encrypted files on disk to be encrypted using AES, then you would need to manually decrypt the files first and then select them to be encrypted all over again.
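Here is that manual decrypt-then-re-encrypt step as a script, combined with a per-file check of which algorithm the existing EFS header records (the point made a few paragraphs up: the header, not the policy, decides what the file needs). This is an added example written for this post; it is not code from the original article, from Windows, or from the EFS Assistant toolkit. It assumes PowerShell 2.0 or later on Vista/Server 2008 or newer, that it runs as the user whose certificate is in the files' DDF (or as a recovery agent), since FileInfo.Decrypt() fails otherwise, and that cipher.exe /c prints an "Algorithm:" line in its Key Information block, which is how Vista and later report the FEK algorithm. The function names Get-EfsAlgorithm and Get-EfsEncryptedFile and the -Root and -WhatIf parameters are my own.

```powershell
# Added example (not from the original post or from EFS Assistant): report the
# symmetric algorithm each EFS-encrypted file under a root was protected with,
# and for every non-AES file perform the manual decrypt-then-re-encrypt step so
# that a fresh header is written under the current (FIPS-only / AES) policy.
# Assumes: run as the user in the files' DDF (or as a recovery agent),
# PowerShell 2.0+, and that "cipher.exe /c" prints a "Key Information" block.
param(
    [Parameter(Mandatory = $true)][string]$Root,
    [switch]$WhatIf
)

function Get-EfsAlgorithm {
    # Returns the algorithm name cipher.exe reports for one file ("AES",
    # "DESX", "3DES", ...) or 'unknown' when no Key Information block appears.
    # The "Algorithm:" line format is an assumption about cipher.exe output.
    param([Parameter(Mandatory = $true)][string]$FilePath)
    $text = (& "$env:SystemRoot\System32\cipher.exe" /c "$FilePath" 2>&1) | Out-String
    if ($text -match 'Algorithm:\s*([A-Za-z0-9]+)') { return $Matches[1] }
    return 'unknown'
}

function Get-EfsEncryptedFile {
    # Enumerate files carrying the Encrypted attribute. FileInfo.Attributes is
    # a flags enum, so test it with a bitwise AND. Get-ChildItem -File needs
    # PowerShell 3.0, hence the PSIsContainer filter for older hosts.
    param([Parameter(Mandatory = $true)][string]$Path)
    Get-ChildItem -Path $Path -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer } |
        Where-Object { ($_.Attributes -band [System.IO.FileAttributes]::Encrypted) -ne 0 }
}

foreach ($file in Get-EfsEncryptedFile -Path $Root) {
    $before = Get-EfsAlgorithm -FilePath $file.FullName
    if ($before -eq 'AES') {
        Write-Host ("skip   {0}  (already AES)" -f $file.FullName)
        continue
    }
    if ($WhatIf) {
        Write-Host ("would  {0}  ({1} -> AES)" -f $file.FullName, $before)
        continue
    }
    try {
        # An OS upgrade never rewrites the EFS header; the only route to AES is
        # to strip the old header entirely and let EFS generate a fresh FEK.
        $file.Decrypt()
        $file.Encrypt()
        $after = Get-EfsAlgorithm -FilePath $file.FullName
        Write-Host ("done   {0}  ({1} -> {2})" -f $file.FullName, $before, $after)
    }
    catch {
        # Typical causes: the running user is in neither the DDF nor a DRF, or
        # the file is locked open. The file stays encrypted with the old algorithm.
        Write-Warning ("failed {0}: {1}" -f $file.FullName, $_.Exception.Message)
    }
}
```

Run it once with -WhatIf to get the inventory before touching anything, and only after the FIPS-only policy from the KB article is already in effect, so the new FEK is generated under it. Between the Decrypt() and Encrypt() calls the plaintext briefly exists on disk, so run it on the local volume rather than over a share, and keep the parent directory itself marked as encrypted so that any file the script cannot process is at least not left in a directory where new files would land unencrypted.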
However, there’s a great way to make sure the files get encrypted using AES once you’ve upgraded to Vista or 2008 without you manually having to do it (though you’ll still need to manually decrypt them first). It’s called EFS Assistant.
EFS Assistant is part of the Data Encryption Toolkit for Mobile PCs, which can be downloaded FREE here. More detail on that really cool FREE download can be found here: Data Encryption Toolkit for Mobile PCs: Microsoft Encrypting File System Assistant Administrator's Guide.
Did I mention that awesome product called EFS Assistant is FREE?