Techniques for using EFS encryption for Win 7 systems

What is Efs,efs encryption is based on the public key policy. When encrypting a file or folder with EFS, the system first generates a FEK (file encryption key, the encrypting key for files) that consists of a pseudo-random number, and then creates the encrypted file using the FEK and data extension standard x algorithms and stores it on the hard disk. Delete unencrypted original files at the same time. The system then uses your public key to encrypt the FEK and stores the encrypted FEK in the same encrypted file. When accessing the encrypted file, the system first decrypts the FEK using the current user's private key, and then decrypts the file using FEK. When EFS is first used, if the user does not yet have a public/private key pair (collectively, the key), the key is generated and the data is encrypted. If you log in to a domain environment, the key generation depends on the domain controller, otherwise it depends on the local machine. The EFS encryption system is transparent to the user. This means that if you encrypt some data, your access to the data will be completely permissible and will not be subject to any restrictions. When other unauthorized users try to access the encrypted data, they receive an "Access Denied" error prompt. The user authentication process for EFS encryption occurs when you log on to Windows, and you can open any of the encrypted files that are authorized as long as you log on to Windows.

What if someone else wants to share an EFS-encrypted file or folder? Because the changes to the SID (security designator) will not open the file that was originally encrypted by EFS after reloading the system, you can open the EFS encrypted file to make sure that someone else can share the EFS encrypted file or reload the system. You must make a backup certificate.

1, click the "Start → run" menu item, in the dialog box that appears, enter "Certmgr.msc", and after entering, in the Certificate dialog box that appears, double-click to expand the certificate-current user → personal → certificate option, and in the right-hand section you will receive a certificate with your user name. Select the certificate, click the right mouse button, select the "All Tasks → export" command, open the Certificate Export Wizard dialog box.

2. In the course of the wizard, when prompted with the "Whether you want to export the private key with the certificate" prompt, select the Yes, export private key option, and then the wizard prompts you for a password dialog box. For security purposes, you can set the certificate's security password. When you choose a saved file name and file path, click the "Finish" button to successfully export the certificate, you will find a file on the save path with a PFX extension.

3, when other users or reinstall the system to use the encrypted file, just remember the certificate and password, and then right-click on the certificate, select the "Install Certificate" command, you can enter the Certificate Import Wizard dialog box. By default, click "Next" button, enter the correct password, you can complete the import of the certificate, so that you can successfully open the encrypted file.

Now let's take a look at the entire encryption process for EFS!

1, we first select a folder to encrypt it. Select the folder right click-Properties.

2, in the file properties click Advanced

3. On the Advanced Properties page, select Encrypt content to protect data, and click OK.

4, in the "File Properties" page click "OK", will pop up a confirmation checkbox to tell you whether this encryption applies only to this folder, or to folders and subfolders and files inside, this is optional, and here we select the "Apply changes to this folder, subfolders and Files" option, click " Ok. "

5, at this time we can see the encrypted folder name color has changed, to become green. and the name of the filename in the folder has also become green. Let's see if we can open the file, OK.

6, then we will switch another user to log on this computer, see can open this folder to view files. At this point we can see the encrypted file, open to try, you can see open the file after the pop-up prompts to deny access, so that our files in a protected state.

7, it is noteworthy that even if the user to copy this file to another place, it is also unable to open the file. A friend will ask if the user can cancel the encryption so that he can view the file. Please do not worry because the user does not have native administrator rights, so he cannot do the operation. If you want to remove EFS encryption, just follow the encryption steps to uncheck "Encrypt content to protect data."