(分析EFS加解密的过程以及其存在的局限性.docVIP

分析EFS加解密的过程以及其存在的局限性 EFS（Encrypting File System，加密文件体系）是Windows 2000/XP/VISTA所特有的一个实用功能，关于NTFS卷上的文件和数据，都能够直接被操作体系加密保管。若是硬盘上的文件现已运用EFS进行了加密，即便一个攻击者能拜访到硬盘上，因为没有解密的密钥，文件也是不可用的，在很大程度上提高了数据的安全性。这种特性关于移动用户、经过宽带衔接的用户、对敏感数据有更高安全需求的组织的长处是清楚明了的。 EFS ( Encrypting File System, the encrypting file system ) is a utility function for the typical Windows 2000/XP/VISTA, about NTFS volume of documents and data, can be directly by the operating system encryption storage. If the file on the hard disk has been using EFS for encryption, even if an attacker can visit to the hard disk, because there is no decryption key, the file is not available, greatly improve the security of data. The characteristics of mobile users, through a broadband connection, the user of sensitive data has higher security needs of the advantage is clear. 　　EFS能够被以为除NTFS外的第二层防护，为拜访一个被加密的文件，用户有必要有拜访到文件的NTFS权限。在关联NTFS权限的用户能看到文件夹中的文件，但不能翻开文件除非有相应的解密密钥。相同，一个用户有相应的密钥但没有相应的NTFS权限也不能拜访到文件。所以一个用户要能翻开加密的文件，一起需求NTFS权限宽和密密钥。 EFS can be considered the second layer of protection in addition to NTFS, to visit an encrypted file, the user need to visit to the file NTFS permission. The association of NTFS users can see the files in a folder, but the file could not be opened unless there is a corresponding decryption key. The same, a user has a corresponding key but no corresponding NTFS permissions cannot visit to a file. So a user can open the encrypted file, together with the requirement of NTFS access width and secret key. 　　EFS加密是根据公钥战略的。在运用EFS加密一个文件或文件夹时，体系首要会生成一个由伪随机数组成的FEK (File Encryption Key，文件加密钥匙)，然后将运用FEK和数据扩大规范X算法创立加密后的文件，并把它存储到硬盘上，一起删去未加密的原始文件。随后体系运用用户的公钥加密FEK，并把加密后的FEK存储在同一个加密文件中。而在拜访被加密的文件时，体系首要运用当时用户的私钥解密FEK，然后运用FEK解密出文件。 The EFS encryption is based on public key strategy. In the use of EFS encrypt a file or folder, the system first generates a composed of pseudo random number FEK ( File Encryption Key, file encryption keys ), and then by using FEK and data to expand the specification of X algorithm create enc