Protecting signing key

Ryan Malayter malayter at
Wed Aug 3 00:48:39 CEST 2005

On 8/2/05, Johan Wevers <johanw at> wrote:
> As long as you're not as stupid to use the built-in functions. I've
> heard stories that the FBI was very happy when they confiscated a
> laptop from alledged Al Quaida members protected only by that - didn't
> seem difficult to crack for them. And why use weak protection as you
> can get good protection too?

Windows doesn't have whole-disk encryption yet, only per-file and
per-folder encryption.

That said, everything I've read indicates that the encrypting file
system (EFS) in Windows 2000+ is reasonably well implemented. However,
the user's password is still the weak link, as it is used to protect
the private key that EFS needs for decryption.

Because you can get the hash of this password from the disk in some
way (you always have to be able to, otherwise you could not
authenticate), the password is the weak link. Unless the password was
very long and full of entropy, brute forcing it from the NTLMv2 hash
would be easy for a government organization. And if the Al-Queda dude
neglected to turn off the generation of the weak LANMAN hash, it would
be even easier. (LANMAN hash generation is off by default in newer
versions of Windows).

Microsoft is putting whole-disk encryption into Windows Vista
including card/token and RSA secureID support. Similar (hopefully
better?) functionality is already available for 2000/XP/2003 from a
host of vendors, including PGP Corp & PC Guardian.


More information about the Gnupg-users mailing list