Computer users will learn about EFS (Encrypting File System) and its two types of key, namely public key cryptography and symmetric key algorithms.
About EFS
What is EFS? Short for Encrypting File System, EFS is introduced as a transparent public key encryption for the version 3.0 of Windows NTFS (New Technology File System).
How does it work? The technology works together with NTFS permissions to grant and refuse computers access to files and folders in some Windows operating systems.
To be more specific, it ensures that any files or folders is stored in encrypted form and decrypted only by an individual user and an authorized recovery agent.
Without EFS, when operating system is running, access to files or folders goes through OS-controlled user authentication and access control lists. However, this barrier can be easily avoided if an attacker gains physical access to users’ computers.
Windows EFS can help users avoid the above risk easily. In the Microsoft Windows operating systems, EFS uses a combination of public key cryptography and symmetric key cryptography to make decrypting the encrypted files or folders extremely difficult without the correct key.
Public Key Cryptography
Public key cryptography (also known as asymmetric cryptography) uses two types of keys, namely public keys which may be disseminated widely, and private keys which are known only to the owner.
These keys are generated, depending on cryptographic algorithms based on mathematical problems to produce one-way functions.
Any person can encrypt a message using the receiver’s public key, but the encrypted files or folders can only be decrypted with the receiver’s private key.
Symmetric Key Cryptography
Symmetric key algorithms, algorithms for cryptography, uses the same cryptographic keys for encryption of plaintext and decryption of ciphertext.
In practice, the key represents a shared secret between two or more parties that can be used to maintain a private information link.
Using this key, both parties are required to have access to the secret key, which is one of its main shortcomings.
Process of Encryption
Tip: This operation can be adopted in NTFS partition.
Step 1: Press Windows and E on keyboard to open Windows Explorer.
Step 2: Choose a file or folder to be encrypted and right-click it. Click Properties option at the bottom.
Step 3: Click Advanced button in the General screen on the new pop-up window.
Step 4: Choose Encrypt contents to secure data and then click OK.
Step 5: After going back to the Properties window, click OK button. An Encryption Warning dialog will display.
Step 6: Click Encrypt the File Only to encrypt the individual file, then click OK to finish.
Process of Decryption
Step 1: Press Windows and E on keyboard and navigate to location of the file computer users want to decrypt.
Step 2: Right-click the file and click Properties.
Step 3: Click Advanced button on the General tab.
Step 4: Uncheck the box next to Encrypt Contents to Secure Data, then click the OK button.
Step 5: Click OK button to close the file properties and complete the file decryption.
Encrypted Files or Folders Sharing
When files or folders have been encrypted, computer users will see that Details button is not greyed out.
In this situation, follow the steps displayed in the following content.
Step 1: Click Details button.
Step 2: Click Add button to display the Select User dialog box.
Step 3: Click the user with whom computer users want to share access to this file or folder, and then click OK.
Step 4: Click OK to close the Encryption Details dialog box.
Step 5: Click OK to close the Advanced Attributes dialog box, then click OK again to close the encrypted file’s Properties dialog box.