Encryption nightmare

Hi folks, been a while since I've posted!

I recently did a clean install, going from XP MCE SP2 to Win7 Pro-N. I got everything backed up but made a rookie mistake and forgot to decrypt a small batch of files after they were moved to the external drive. I know retrieving these files is next to impossible, but here is a question...

I have backups of a few of these files that are not encrypted. So, if I know the contents of the file, is it possible to use that somehow to re-create the key for the encrypted version? And then use that key to retrieve the rest of them?

Obviously I know the account name and password since this is my home computer so maybe that would help also? I don't care if it takes a year to process, I'd just like these files back!

Thanks for any help with this.
18 answers Last reply
More about encryption nightmare
  1. An unencrypter version of a file cannot be used to decrypt and encrypted version of the file. You need to know the password you used to encrypt them so the program you used can use the key associated with that password to decrypt the remaining files.
  2. Thanks. By password do you mean the account password? That I do have, and is the same one I'm still using on the new OS.
  3. What did you use to encrypt these files?
  4. Used regular Windows encryption. Properties-->Advanced-->Encrypt
  5. I see.... i'm not sure how to get those back... excuse me while I embark on a Google quest...
  6. If you find an answer to this debacle then I will personally send you a box of my wife's cookies. :)
  7. Mavicator said:
    Thanks. By password do you mean the account password? That I do have, and is the same one I'm still using on the new OS.


    If my reading and interpretation is correct, I think you're SOL here. The account name and password between the 2 operating systems is the same, but the keys used to encrypt and decrypt the data are different, and there's really no way to retrieve them after the fact. Unless the old XP install is still intact, you're probably not going to get those files back.
  8. That's what I'm afraid of. Even if there was a brute force method, I'd be willing to try it even though it could take forever. That's what spare hardware is for. ;)
  9. Brute forcing it could be done if you're willing to wait long enough, but I don't know of any easy method of doing so when it comes to EFS.
  10. I'd be willing to wait, since the alternative is deletion and being called a quitter. :D I haven't been able to figure out how to do it though. I have to imagine that knowing the account name would greatly speed things up, since (unless I'm mistaken) the encryption key is partly generated by that name.
  11. I know this is a really old thread, but keepass says if you want to use the Windows account as a password, you should back up the SID

    http://en.wikipedia.org/wiki/Security_Identifier

    That probably would apply to you too. You would need to in essense spoof the old account. The only thing is that you probably didn't back the registry up.

    In the future, use software like Truecypt which is independent of windows.
  12. Well it's been a year and a half so I thought I'd check and see if anyone has any new ideas for recovering encrypted files? If there's a way to brute force them then I'm still up for it. I've already waited a year and a half, in which time I could have had a spare machine working on it! It makes me sad every time I see my hard drive sitting there unplugged with my old files on it.
  13. I still think you're SOL unless you want to make a brute force attempt. Any way of easily recovering an encrypted file means that you're not the only one (as the rightful owner of that data) that could get easy access to it.
  14. First you need to find what software to try to use to decrypt the files. The only way to do that is to actually run it and hope for the best. http://sectools.org/crackers.html

    I think Windows 7 uses either 128 bit or 256 bit encryption depending on how you configured it. Here is the time it will take. Bring a long book with you.

    http://en.wikipedia.org/wiki/Brute-force_attack

    128 149,745,258,842,898 years
    256 50,955,671,114,250,100,000,000,000,000,000,000,000,000,000,000,000,000 years
  15. Only 128 trillion years? Better get started! They base that number on a machine that could crack 56-bit encryption in one second. I wonder how long a typical home machine could actually do it. Guess it doesn't matter, it's a crap shoot either way.
  16. Mavicator said:
    Only 128 trillion years? Better get started! They base that number on a machine that could crack 56-bit encryption in one second. I wonder how long a typical home machine could actually do it. Guess it doesn't matter, it's a crap shoot either way.


    That's 128 bit encryption, 149 trillion years.

    Hope you're not using solar power, the sun will probably be dead by then.
  17. Well if it's gonna die anyway then I may as well harness it's full power now, to power my supercomputer. Sorry about the lights going out... ;)
  18. Any power shortages suffered from this point forward shall be deemed Mavicator's fault :).
Ask a new question

Read More

Security Encryption Clean Install Windows 7