I am looking into using EFS (Encrypting File System) at file/folder level on Windows 7.
I read Wikipedia article on EFS and it does mention several vulnerabilities related to Windows 2000 and XP. Apparently they have been fixed in later OS versions.
Then I found this tool (Advanced EFS Data Recovery, AEFSDR): http://www.elcomsoft.com/aefsdr.html that allows to decrypt EFS encrypted files in some cases. I am now trying to understand just how vulnerable EFS is on Windows 7 is when this tool is used.
AEFSDR product page mentions Windows 2000 vulnerability that can be ignored. Other than that it doesn't have a lot of details.
More information is offered here: http://www.elcomsoft.com/cases/tips_on_recovering_EFS-encrypted_data_when_it_gets_lost.pdf . In paragraph called "Solution" it says:
Advanced EFS Data Recovery allows one to decrypt files even if the user database is protected with SYSKEY. First, AEFSDR searches for all EFS keys, scanning the hard drive sector by sector. After the user has entered the user password into the program, the software decrypts the keys, or at least one key, needed for decryption of user’s encrypted data. On the second stage AEFSDR looks for EFS-encrypted files in the file system and attempts to recover them. The recovery rate is usually very high, 99% or more.
So user password had to be entered. I assume that was a password for Windows User account.
My question is this: consider the laptop with EFS encrypted files/folder was stolen and it was shut down at the time (completely off, not in sleep/hibernate mode). No user passwords are available for intruder but the hard drive can obviously be removed and accessed by another computer. Will it be possible to decrypt any of the files?
Best Answer
EFS is designed to protect your files based on your password. Therefore if your password is long and complex enough and of course it is only used for login it should be safe.
But usually Windows user passwords are much too short. Unfortunately Windows 7 stores them in special hashed way (NTLMv2) - older versions even in the more unsecure NTLM version. Using current graphic cards as code cracker even NTLMv2 password can broken:
Cracking NTLMv2 Authentication (from 2002) The interesting part is the second last slide even if it only considers old CPUs for breaking the password.
AFAIK only a complex password with 12 or more characters can be considered secure at the moment.