Sign in with
Sign up | Sign in
Your question

Encryption nightmare

Tags:
  • Security
  • Encryption
  • Clean Install
  • Windows 7
Last response: in Windows 7
Share
November 29, 2009 8:42:40 PM

Hi folks, been a while since I've posted!

I recently did a clean install, going from XP MCE SP2 to Win7 Pro-N. I got everything backed up but made a rookie mistake and forgot to decrypt a small batch of files after they were moved to the external drive. I know retrieving these files is next to impossible, but here is a question...

I have backups of a few of these files that are not encrypted. So, if I know the contents of the file, is it possible to use that somehow to re-create the key for the encrypted version? And then use that key to retrieve the rest of them?

Obviously I know the account name and password since this is my home computer so maybe that would help also? I don't care if it takes a year to process, I'd just like these files back!

Thanks for any help with this.

More about : encryption nightmare

a c 215 $ Windows 7
November 29, 2009 9:08:19 PM

An unencrypter version of a file cannot be used to decrypt and encrypted version of the file. You need to know the password you used to encrypt them so the program you used can use the key associated with that password to decrypt the remaining files.
m
0
l
November 29, 2009 9:11:04 PM

Thanks. By password do you mean the account password? That I do have, and is the same one I'm still using on the new OS.
m
0
l
Related resources
a c 215 $ Windows 7
November 29, 2009 10:29:47 PM

What did you use to encrypt these files?
m
0
l
November 29, 2009 10:51:33 PM

Used regular Windows encryption. Properties-->Advanced-->Encrypt
m
0
l
a c 215 $ Windows 7
November 29, 2009 10:53:18 PM

I see.... i'm not sure how to get those back... excuse me while I embark on a Google quest...
m
0
l
November 29, 2009 11:01:46 PM

If you find an answer to this debacle then I will personally send you a box of my wife's cookies. :) 
m
0
l
a c 215 $ Windows 7
November 29, 2009 11:06:28 PM

Mavicator said:
Thanks. By password do you mean the account password? That I do have, and is the same one I'm still using on the new OS.


If my reading and interpretation is correct, I think you're SOL here. The account name and password between the 2 operating systems is the same, but the keys used to encrypt and decrypt the data are different, and there's really no way to retrieve them after the fact. Unless the old XP install is still intact, you're probably not going to get those files back.
m
0
l
November 29, 2009 11:08:29 PM

That's what I'm afraid of. Even if there was a brute force method, I'd be willing to try it even though it could take forever. That's what spare hardware is for. ;) 
m
0
l
a c 215 $ Windows 7
November 29, 2009 11:12:10 PM

Brute forcing it could be done if you're willing to wait long enough, but I don't know of any easy method of doing so when it comes to EFS.
m
0
l
November 29, 2009 11:16:54 PM

I'd be willing to wait, since the alternative is deletion and being called a quitter. :D  I haven't been able to figure out how to do it though. I have to imagine that knowing the account name would greatly speed things up, since (unless I'm mistaken) the encryption key is partly generated by that name.
m
0
l
October 14, 2010 4:38:07 AM

I know this is a really old thread, but keepass says if you want to use the Windows account as a password, you should back up the SID

http://en.wikipedia.org/wiki/Security_Identifier

That probably would apply to you too. You would need to in essense spoof the old account. The only thing is that you probably didn't back the registry up.

In the future, use software like Truecypt which is independent of windows.
m
0
l
June 27, 2011 9:48:03 PM

Well it's been a year and a half so I thought I'd check and see if anyone has any new ideas for recovering encrypted files? If there's a way to brute force them then I'm still up for it. I've already waited a year and a half, in which time I could have had a spare machine working on it! It makes me sad every time I see my hard drive sitting there unplugged with my old files on it.
m
0
l
a c 215 $ Windows 7
June 27, 2011 10:38:31 PM

I still think you're SOL unless you want to make a brute force attempt. Any way of easily recovering an encrypted file means that you're not the only one (as the rightful owner of that data) that could get easy access to it.
m
0
l
a b 8 Security
a c 376 $ Windows 7
June 28, 2011 3:43:52 PM

First you need to find what software to try to use to decrypt the files. The only way to do that is to actually run it and hope for the best. http://sectools.org/crackers.html

I think Windows 7 uses either 128 bit or 256 bit encryption depending on how you configured it. Here is the time it will take. Bring a long book with you.

http://en.wikipedia.org/wiki/Brute-force_attack

128 149,745,258,842,898 years
256 50,955,671,114,250,100,000,000,000,000,000,000,000,000,000,000,000,000 years
m
0
l
June 28, 2011 4:02:26 PM

Only 128 trillion years? Better get started! They base that number on a machine that could crack 56-bit encryption in one second. I wonder how long a typical home machine could actually do it. Guess it doesn't matter, it's a crap shoot either way.
m
0
l
a b 8 Security
a c 376 $ Windows 7
June 28, 2011 4:13:15 PM

Mavicator said:
Only 128 trillion years? Better get started! They base that number on a machine that could crack 56-bit encryption in one second. I wonder how long a typical home machine could actually do it. Guess it doesn't matter, it's a crap shoot either way.


That's 128 bit encryption, 149 trillion years.

Hope you're not using solar power, the sun will probably be dead by then.
m
0
l
June 28, 2011 11:50:10 PM

Well if it's gonna die anyway then I may as well harness it's full power now, to power my supercomputer. Sorry about the lights going out... ;) 
m
0
l
a c 215 $ Windows 7
June 29, 2011 2:30:16 AM

Any power shortages suffered from this point forward shall be deemed Mavicator's fault :) .
m
0
l
!