NTFS5 (Windows2000 Only) Encryption

Is there a backdoor to the ntfs5 encryption that only MS can access?

I heard that the US government requires that all companies that make encryption software in the US to produce them with a universal key to unlock the data in case the government itself wants to access the data. Is it there, did this law ever really go into effect?

I want to see documentation on this.
roadrunnerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

roadrunnerAuthor Commented:
Edited text of question.
0
jhanceCommented:
My opinion is that there is NOT.  While we might never know for sure, there is not currently a US Federal law requiring such a backdoor.  The Clinton administration has floated several such proposal since the flurry of criticism over the SKIPPER encryption chip killed that idea but none have become (or even come close to becoming) law.

It's seem very unlikely to me that MS would risk it's own reputation and it's cherished NT/W2K security on a security backdoor that was not required.  Secrets like this are not well kept and if it had been done, we would have probably heard about it in the trade press.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
FrancescoCommented:
the answer is good enough for me, but i don't know how to give the points. how do i do that?
0
Adam LeinssServer SpecialistCommented:
You see where the title says Comment?  On the very far right, you will see Accept as Answer in very small print in the title.  Click that and this will accept Jhance's answer.

Also, let it been know that EFS uses DES and RSA, both used by the gov't.  The gov't went nuts when people started using PGP to encrypt messages, because they didn't know what technology it was using.  I'm quite sure that the gov't knows how to decrypt DES and RSA, otherwise it won't allow it for civilian use.
0
jhanceCommented:
roadrunner,

There is an answer posted on this question.  Just accept it.


aleinss,

I'll agree with your point on DES.  There's no trick to decrypting it with it's weak 56-bit key.  Even low budget operators can crack it using brute force in a short time.  I'm positive that the NSA has built DES cracking hardware that can do it in minutes.

RSA is more of a problem.  Since it can use a variable length key, it's strength depends on the key length.  I don't think that there is a general "defect" in the RSA algorithm that the NSA knows that has escaped everyone else's attention.  While the NSA might be able to squelch US based researchers from blowing the whistle on an RSA defect, there are many top-notch cryptographers in other parts of the world that the NSA has little influence on.

In my view, cryptography is like the genie that has escaped it's bottle.  The US Govt. can wish it were different and "play" like it weren't but the fact is that any would-be criminal can get virtually uncrackable encryption anywhere he wants it.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 2000

From novice to tech pro — start learning today.