From: geeman@best.com
Date: Thu, 8 Oct 1998 09:03:23 +0800
To: Steve Dunlop <cypherpunks@cyberpass.net
Subject: Re: NT 5.0 and EFS -- A victory for widespread use of crypto?
Message-ID: <3.0.32.19691231160000.00695644@shell15.ba.best.com>
MIME-Version: 1.0
Content-Type: text/plain



EFS is being deployed because They realized that with NTFS-readers
available for other OSes besides NT there was no longer even the illusion
of security offered by the NT architecture.  Hence they figured they'd
scramble things up a bit.  It leaves some interesting features OUT ... it
will not Save The World.
 



At 06:06 PM 10/7/98 -0500, Steve Dunlop wrote:
>
>All,
>
>Does anyone have any opinions on the encrypting file
>system (EFS) that is supposed to ship with NT 5.0?
>
>The white paper on the MSDN web site says it uses
>DESX (no explaination as to what the X is) and an
>RSA public key algorithm to store the symmetric keys,
>which are random for each file.
>
>So what's DESX?
>
>EFS appears to have the architecture to support
>arbitrarily long keys although this has been crippled
>in the NT5.0 release, presumably because of
>export limitations.  It has the key recovery features
>you would expect in a commercial product of the
>type; they can be turned off administratively.
>
>Is this a victory for wider use of encryption?
>
>--
>Steve Dunlop
>letters: "dunlop" at "bitstream" dot "net"
>http://www2.bitstream.net/~dunlop
>
>
>
>