Encrypting File System

EFS (Encrypting File System) uses public-key encryption to encrypt and protect files.
When a user encrypts a file, EFS automatically generates a bulk symmetric encryption key and encrypts the file with it. EFS then uses the user’s public key to encrypt the bulk encryption key. (The key is called a File Encryption Key, or FEK.) EFS stores the encrypted FEK in an attribute of the file itself called the Data Decryption Field (DDF). EFS also encrypts the bulk encryption key with the recovery agent’s public key.

This copy of the FEK is stored in the Data Recovery Field (DRF) of the file. The DRF can include data for multiple recovery agents. Each time EFS saves the file, it generates a new DRF from the current recovery-agent list, which is based on the recovery policy.
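
The key layout described above, modelled in PowerShell with .NET crypto classes. This is an added example, not from the original post and not the real EFS on-disk format. The principal names (`alice`, `dra1`, `dra2`), the function names and the sample plaintext are constructed for illustration.

```powershell
using namespace System.Security.Cryptography

# Constructed key pairs standing in for the user's and the recovery agents' EFS certificates.
$keys = @{}
foreach ($n in 'alice', 'dra1', 'dra2') { $keys[$n] = [RSACryptoServiceProvider]::new(2048) }
$oaep = [RSAEncryptionPadding]::OaepSHA1

# Wrap the FEK once per principal; the DDF and DRF each hold per-principal encrypted copies.
function New-KeyField([byte[]]$Fek, [string[]]$Names) {
    $field = @{}
    foreach ($n in $Names) { $field[$n] = $keys[$n].Encrypt($Fek, $oaep) }
    return $field
}

function Protect-ModelFile([byte[]]$Plain, [string]$User, [string[]]$Agents) {
    $aes = [Aes]::Create()                      # fresh random key (the FEK) and IV
    $file = @{
        IV   = $aes.IV
        Data = $aes.CreateEncryptor().TransformFinalBlock($Plain, 0, $Plain.Length)
        DDF  = New-KeyField $aes.Key @($User)   # FEK under the user's public key
        DRF  = New-KeyField $aes.Key $Agents    # FEK under each recovery agent's public key
    }
    $aes.Dispose()
    return $file
}

function Unprotect-ModelFile($File, [string]$Name) {
    $wrapped = $File.DDF[$Name]                 # users are looked up in the DDF
    if ($null -eq $wrapped) { $wrapped = $File.DRF[$Name] }   # recovery agents in the DRF
    if ($null -eq $wrapped) { throw "$Name has no DDF or DRF entry for this file" }
    $aes = [Aes]::Create()
    $aes.Key = $keys[$Name].Decrypt($wrapped, $oaep)
    $aes.IV  = $File.IV
    $plain = $aes.CreateDecryptor().TransformFinalBlock($File.Data, 0, $File.Data.Length)
    $aes.Dispose()
    return [Text.Encoding]::UTF8.GetString($plain)
}

$file = Protect-ModelFile ([Text.Encoding]::UTF8.GetBytes('payroll Q1')) 'alice' @('dra1', 'dra2')
Unprotect-ModelFile $file 'alice'   # user path: FEK recovered from the DDF
Unprotect-ModelFile $file 'dra2'    # recovery path: FEK recovered from the DRF

# The recovery policy now lists only dra1. Saving the file rebuilds the DRF from that list.
$fek = $keys['alice'].Decrypt($file.DDF['alice'], $oaep)
$file.DRF = New-KeyField $fek @('dra1')
try { Unprotect-ModelFile $file 'dra2' } catch { "dra2 after re-save: $($_.Exception.Message)" }
```

In this model a recovery agent dropped from the policy keeps its DRF entry until the file is next saved, which is why the DRF is regenerated on every save.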

Here is the document on how to encrypt:

Encrypting File System

Posted on March 2, 2012, in General, Uncategorized.
