Thread: Need to recover (encrypted) files from XP install on another hard drive
View Single Post
  #19 (permalink)  
Old 09-01-2006, 01:40 AM
Rod Speed
Guest
  
Posts: n/a
Default Re: Need to recover (encrypted) files from XP install on another hard drive
Mxsmanic <mxsmanic@gmail.com> wrote
> Rod Speed writes
>> Mxsmanic <mxsmanic@gmail.com> wrote

>>>> Doubtful, then anyone else could come along and input this
>>>> (usually known) information and generate the key again.

>>> Not if it is generated from internal system data unique to each user
>>> account on the system. However, the mere fact that it can be generated
>>> (rather than being required to come from the user himself) means that
>>> anyone finding out how the key is generated can decrypt the data.

>> Not necessarily, depends on how well that is done.

>>> If the user is not asked for a key, then the only other possibility
>>> is automatic generation of the key, as described above. That
>>> is fundamentally insecure,

>> No it isnt. Only the most poorly implemented systems use JUST
>> internal system data unique to each user account on the system,
>> its completely trivial to use truely random data instead.

> If you use a random key, there's no way to decrypt
> later, since there is no way to reconstruct the key.

You dont need to reconstruct it, you just record what key was used.

That is why XP encryption allows you to export the key/digital certificate
etc so it can be properly backed up in case the hard drive fails etc.

> The user can use a random key, since presumably he'll remember that
> key, but you cannot use random keys when they are generated internally.

Wrong, as always, see above.

> Either the key comes from internal data, or it comes from the user.

Or it comes from random data and that random data based key is kept.

>>> However, I suspect that any built-in Windows encryption isn't
>>> that strong, since it still has to be exportable and practical.

>> Mindlessly silly. Have fun explaining how that
>> is trivial to do with banking transactions etc.

> Banking transactions are not heavily secured.

Clearly you havent got a fucking clue.

>>>> Nope, there is password cracking... and
>>>> not just dictionary or brute force attempts.

>>> Not for NT login passwords.

>> Different matter entirely.

> An administrator password on XP is an NT login password.

Pity what was being discussed was the encryption key, not the login password.



Reply With Quote