An Encrypting File System (EFS) encrypts data at the file level. Files and directories can be encrypted selectively, or all of them, each under its own encryption key, so it provides data protection at file-level granularity rather than for a whole volume at once.
In an Encrypting File System, encrypting and decrypting every file with asymmetric keys would take far more time and degrade the performance of the file system. So a symmetric key is used for the file contents.
The symmetric encryption algorithm used varies with the file system and its version. Normally each file gets its own symmetric key (in EFS this is the File Encryption Key, or FEK) that encrypts and decrypts that file's contents, and the FEK is in turn encrypted with the user's public key and stored alongside the file.
When a user opens an encrypted file, the EFS component driver locates the user's EFS certificate, retrieves the matching private key and uses it to decrypt that file's symmetric key. The file contents are then decrypted on read, and re-encrypted on write, with the symmetric key, transparently to the application. The private key never touches the file data directly; it only unwraps the per-file keys, which is why compromising that one private key exposes every file it has wrapped.
Folders or directories whose contents are to be encrypted are marked with a special attribute. If a folder or directory is marked to be encrypted, then all subfolders, subdirectories and files created under it are marked to be encrypted as well.
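The key hierarchy described above, as an added example in Go built only on the standard library (this is not code from the original post, nor from any EFS implementation): each file gets its own random File Encryption Key, the contents are encrypted with AES-256-GCM, and the FEK is wrapped with RSA-OAEP once for the owner and once for an optional recovery agent. The type and function names, the "DDF"/"DRF" labels, the sample plaintexts and the choice of AES-GCM and RSA-OAEP are this example's assumptions; real EFS has used different algorithms across versions. The `dra == nil` path also shows what "no default recovery agent" means for recovery later on.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// seal and open are AES-256-GCM with a fresh random nonce prepended to the output.
func seal(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	g, _ := cipher.NewGCM(block)
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return g.Seal(nonce, nonce, plaintext, nil), nil
}

func open(key, sealed []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	g, _ := cipher.NewGCM(block)
	if len(sealed) < g.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return g.Open(nil, sealed[:g.NonceSize()], sealed[g.NonceSize():], nil)
}

// EncryptedFile models the on-disk record: ciphertext plus the per-file key wrapped once
// per principal allowed to open it (EFS: Data Decryption Field / Data Recovery Field).
type EncryptedFile struct {
	Ciphertext []byte
	DDF        []byte // FEK wrapped with the owner's RSA public key
	DRF        []byte // FEK wrapped with the recovery agent's public key; nil if no DRA
}

// EncryptFile draws a fresh 256-bit File Encryption Key for this one file, encrypts the
// body under it, then wraps the FEK for the owner and, if dra != nil, for the agent too.
func EncryptFile(plaintext []byte, owner, dra *rsa.PublicKey) (*EncryptedFile, error) {
	fek := make([]byte, 32)
	if _, err := rand.Read(fek); err != nil {
		return nil, err
	}
	ct, err := seal(fek, plaintext)
	if err != nil {
		return nil, err
	}
	f := &EncryptedFile{Ciphertext: ct}
	if f.DDF, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, owner, fek, []byte("DDF")); err != nil {
		return nil, err
	}
	if dra != nil {
		if f.DRF, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, dra, fek, []byte("DRF")); err != nil {
			return nil, err
		}
	}
	return f, nil
}

// DecryptFile unwraps the FEK with whichever private key the caller holds, then decrypts
// the body. An agent succeeds only if a DRF was written; any other key fails at OAEP.
func DecryptFile(f *EncryptedFile, priv *rsa.PrivateKey, asRecoveryAgent bool) ([]byte, error) {
	wrapped, label := f.DDF, "DDF"
	if asRecoveryAgent {
		if f.DRF == nil {
			return nil, errors.New("no recovery agent field: file cannot be recovered")
		}
		wrapped, label = f.DRF, "DRF"
	}
	fek, err := rsa.DecryptOAEP(sha256.New(), nil, priv, wrapped, []byte(label))
	if err != nil {
		return nil, err
	}
	return open(fek, f.Ciphertext)
}

func main() {
	owner, _ := rsa.GenerateKey(rand.Reader, 2048)
	agent, _ := rsa.GenerateKey(rand.Reader, 2048)
	f, _ := EncryptFile([]byte("constructed sample: payroll.xlsx contents"), &owner.PublicKey, &agent.PublicKey)
	byOwner, _ := DecryptFile(f, owner, false)
	byAgent, _ := DecryptFile(f, agent, true)
	fmt.Println("owner and agent read the same plaintext:", bytes.Equal(byOwner, byAgent))
	noDRA, _ := EncryptFile([]byte("constructed sample: no recovery agent"), &owner.PublicKey, nil)
	_, err := DecryptFile(noDRA, agent, true)
	fmt.Println("agent on a file written without a DRF:", err)
}
```

Two things to notice when running it: the same plaintext encrypted twice yields different ciphertext and different wrapped keys, because every file gets its own FEK and its own nonce, and a file written without a DRF has no recovery path at all, whatever key the administrator holds.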
If a file or directory is copied to a volume formatted with a file system that does not support encryption, it is first decrypted with its symmetric key and then written in the clear, so the copy on the destination volume is unprotected. Backup applications, by contrast, normally read the files in encrypted form, together with their encrypted keys, through a raw backup interface, so the backup stays protected; the backup application takes care of that.
Vulnerabilities of Encrypted File System
There are two main weaknesses in an Encrypting File System.
- Normally, the local administrator is the default data recovery agent (DRA). The DRA's key can decrypt the symmetric key of every user's files, so an attacker who compromises the local administrator account can decrypt and steal the data of all users. Some Encrypting File Systems prevent this by keeping no default data recovery agent; instead, the password file of all users is itself encrypted with another key, and that key and its passphrase are kept safeguarded from the attacker. The trade-off is that without a recovery agent, a user whose private key is lost has lost every file encrypted under it.
- The attacker can compromise an administrator account, reset the local user's password and log on as that user. If the private key were protected only by the logon, this would give the attacker the user's RSA private key and with it every file. Some Encrypting File Systems prevent this by encrypting the user's private key under a key derived from the user's password together with a salt, so the attacker would still need the user's actual passphrase to get at the private key; resetting the password does not help, because the new password derives a different key. (On Windows this is how the DPAPI-protected EFS private key behaves: an administrative reset of a local account's password leaves that account's encrypted files unreadable unless a recovery agent or a password reset disk exists.)
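The password-and-salt protection in the second point, as an added example in Go (not the post's code and not any vendor's implementation): the user's RSA private key is sealed with AES-256-GCM under a key derived from the logon password and a per-user salt by PBKDF2-HMAC-SHA256. The derivation is spelled out because the standard library used here has no PBKDF2; the iteration count, the function names and the sample salt and passwords are this example's assumptions. Unwrapping with any other password, which is all an administrative reset yields, fails, so the attacker in the second point is kept from the private key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

// kdfIterations is an assumed work factor; tune it for the hardware in question.
const kdfIterations = 100000

// passwordKey is single-block PBKDF2-HMAC-SHA256 giving a 32-byte AES key.
// It is written out because the standard library used here has no PBKDF2.
// The salt is random per user and stored beside the sealed key; it is not
// secret, it only stops one precomputed table from serving every user.
func passwordKey(password string, salt []byte) []byte {
	mac := hmac.New(sha256.New, []byte(password))
	mac.Write(salt)
	mac.Write([]byte{0, 0, 0, 1}) // PBKDF2 block index
	u := mac.Sum(nil)
	out := append([]byte(nil), u...)
	for i := 1; i < kdfIterations; i++ {
		mac.Reset()
		mac.Write(u)
		u = mac.Sum(nil)
		for j := range out {
			out[j] ^= u[j]
		}
	}
	return out
}

// ProtectPrivateKey seals the user's RSA private key (PKCS#1 DER) with
// AES-256-GCM under the password-derived key; the random nonce is prepended.
func ProtectPrivateKey(priv *rsa.PrivateKey, password string, salt []byte) ([]byte, error) {
	block, err := aes.NewCipher(passwordKey(password, salt))
	if err != nil {
		return nil, err
	}
	gcm, _ := cipher.NewGCM(block)
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, x509.MarshalPKCS1PrivateKey(priv), nil), nil
}

// UnprotectPrivateKey reverses ProtectPrivateKey. A different password (what an
// administrator's reset produces) derives a different key, GCM's tag check fails,
// and the private key, and with it every file key it wraps, stays sealed.
func UnprotectPrivateKey(blob []byte, password string, salt []byte) (*rsa.PrivateKey, error) {
	block, err := aes.NewCipher(passwordKey(password, salt))
	if err != nil {
		return nil, err
	}
	gcm, _ := cipher.NewGCM(block)
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("sealed key too short")
	}
	der, err := gcm.Open(nil, blob[:gcm.NonceSize()], blob[gcm.NonceSize():], nil)
	if err != nil {
		return nil, errors.New("wrong password or tampered blob: private key stays sealed")
	}
	return x509.ParsePKCS1PrivateKey(der)
}

func main() {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048)
	salt := []byte("constructed per-user salt") // random bytes in practice
	blob, _ := ProtectPrivateKey(priv, "correct horse battery", salt)
	_, err := UnprotectPrivateKey(blob, "P@ssw0rd-after-reset", salt)
	fmt.Println("after an administrative password reset:", err)
	back, _ := UnprotectPrivateKey(blob, "correct horse battery", salt)
	fmt.Println("with the original password, same key back:", priv.Equal(back))
}
```

The design point is that the old password is never stored anywhere, only used as KDF input, so there is nothing an administrator can reset that reproduces the derived key; the flip side is that a user who forgets the password is in the same position as the attacker.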
So an Encrypting File System is good enough to protect data at rest: someone who takes the disk, or who holds another account on the same machine, cannot read the files without the user's private key or a recovery agent's key. It does not protect against code running inside the user's own session, which sees the files in the clear, and it does not hide file names or sizes, so guard the private keys and the recovery agent's key as carefully as the data itself.
So, stay safe, protect your data!