Solved

Access Windows EFS file from Mac

Posted on 2009-04-23
Last Modified: 2013-11-12
[How] can I access from my MBP a shared file residing on Windows XP encrypted via EFS?

I mounted the volume on the Mac using the Windows user name and password, so I'm somehow imagining that gives the same authority as seeing the file on Windows.  And that the decryption will occur on the Windows machine, with the data transmitted to the Mac in the clear.

From the Mac, I can see the file info (which EFS doesn't affect), but trying to open it gives "The operation cannot be completed because you do not have sufficient privileges for some of the items."  (I think things are mounted properly as I can open the file if I go over to Windows and decrypt it first.)

Question by:DCraft99
Accepted Solution

by:
Dave Howe earned 2000 total points
ID: 24220917
You can't.

EFS is a Microsoft-specific technology, which uses a rare form of encryption (DESX, I think MS invented it themselves) wrapped by otherwise industry-standard X509-based (RSA) encryption (there is an extended flag for EFS usage, but that's literally just a flag; it has no practical effect other than telling Windows that the key is an EFS one).

There is a data recovery tool from http://www.lostpassword.com/efs.htm that might run in some sort of emulation environment under the Mac, but I haven't heard of such usage.

Author Comment

by:DCraft99
ID: 24230391
I'm pretty sure EFS uses AES encryption by default as of XP SP2 [http://technet.microsoft.com/en-us/library/cc700811.aspx].

And, I don't think that's relevant for the approach I'm imagining, where the encryption/decryption is done on the XP side of the share, with the data transmitted in the clear.

It may still be the case that it can't be done, if XP doesn't support EFS and sharing in the cross-platform way I'm imagining.

Expert Comment

by:Dave Howe
ID: 24230545
I am not aware of EFS using anything but DESX by default - certainly, that is still true in the XP SP3 machines I have. That said, you *can* force a different crypto algo to be used, but it's not particularly easy to do so.

EFS files are not sent across a share already decrypted - the receiving system is supposed to decrypt them. However, if you move or copy EFS encrypted files onto a non-NTFS volume (FAT32 or similar) they will be decrypted before they are transferred.

TrueCrypt volumes, when mounted and shared, are shared as unencrypted files - if that helps any.

Author Comment

by:DCraft99
ID: 24307050
I think you're right that it can't be done.  Obviously not the answer I was hoping for, but then, I don't always get what I hope for :-).

I'm unfamiliar with DESX but have trouble reconciling your statement that EFS uses it by default with Microsoft's (per above reference) that EFS uses 128-bit AES by default.  No matter.  FWIW, I thought Microsoft did a lot right with EFS (I'm not generally a MS fan).

I'll give up on sharing between my Mac and legacy Windows in any transparent way, and just share decrypted files.

(Sorry for the delay in responding.  I just got out of a rabbit hole from a non-bootable system when Partition Magic encountered an error during partition resizing.  Having now read some on Experts Exchange about PM, I'm thinking that's my last use of it.  Yes, I did back up user files first, and it would still have been a pain to rebuild.  A bootable CD with chkdsk eventually worked.)

Thanks for your help.
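The outcome the thread settles on, sharing decrypted copies, can be scripted on the Windows side. The following is an added example, not code from any poster in this thread: it finds files under a share that carry the EFS attribute and stages decrypted copies in a separate folder, leaving the originals encrypted. The paths `C:\Shared` and `C:\SharedPlain` are hypothetical, both are assumed to be on NTFS, and PowerShell 2.0 or later is assumed.

```powershell
# Added example: stage decrypted copies of EFS-encrypted files for a non-Windows client.
# Run on the Windows machine as the user who holds the EFS key for these files.
# $ShareRoot and $StageRoot are hypothetical paths; both are assumed to be on NTFS.
param(
    [string]$ShareRoot = 'C:\Shared',
    [string]$StageRoot = 'C:\SharedPlain'
)

$encryptedFlag = [System.IO.FileAttributes]::Encrypted
$root = (Resolve-Path $ShareRoot).Path.TrimEnd('\')

Get-ChildItem -Path $root -Recurse -Force |
    Where-Object { -not $_.PSIsContainer -and ($_.Attributes -band $encryptedFlag) } |
    ForEach-Object {
        # Rebuild the same relative layout under the staging folder.
        $relative  = $_.FullName.Substring($root.Length).TrimStart('\')
        $target    = Join-Path $StageRoot $relative
        $targetDir = Split-Path $target -Parent
        if (-not (Test-Path $targetDir)) {
            New-Item -ItemType Directory -Path $targetDir | Out-Null
        }
        try {
            Copy-Item -LiteralPath $_.FullName -Destination $target -Force -ErrorAction Stop
            # A copy made on NTFS can keep the EFS attribute; clear it on the copy only.
            [System.IO.File]::Decrypt($target)
            Write-Output "staged: $relative"
        } catch {
            # Usually means the current user has no EFS key for this file.
            Write-Warning "skipped: $relative ($($_.Exception.Message))"
        }
    }
```

Files in the staging folder are stored and served as plaintext, so restrict that folder's share and NTFS permissions to the accounts that need it and delete staged copies once they have been transferred.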