• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 659
  • Last Modified:

? I need a microsoft reference that windows 7 EFS is FIPS compliant?

I need to have a reference to an authoritative document that states that MS WINDOWS 7 enterprise EFS implementation is US FIPS compliant.
thanks
Phil
0
philkryder
Asked:
philkryder
2 Solutions
 
jcimarronCommented:
0
 
aadihCommented:
Will this satisfy?:

http://support.microsoft.com/kb/811833 >

[Note: look "applies to."]
0
 
philkryderAuthor Commented:
that 811833 looked promising when I saw it before.
but,
here's the catch
windows 7 - isn't mentioned in this Notes:
Vista and Sever 2008 are. I hate to assume - is there something that states W7 is also 256 AES or better?
...
Notes
By default, EFS on Windows XP RTM uses the DESX algorithm. If you enable this setting, EFS uses 168-bit 3DES encryption.
By default, in Windows XP Service Pack 1 (SP1), in later Windows XP service packs, and in Windows Server 2003, EFS uses the Advanced Encryption Standard (AES) algorithm with a 256-bit key length. However, EFS uses the kernel-mode AES implementation. This implementation is not FIPS-validated on these platforms. If you enable the FIPS setting on these platforms, the operating system uses the 3DES algorithm with a 168-bit key length.
In Windows Vista and in Windows Server 2008, EFS uses the AES algorithm with 256-bit keys. If you enable this setting, AES-256 will be used.
FIPS local policy does not affect password key encryption.
0
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

 
jcimarronCommented:
philkryder---
The title of that reference and later content say
"In Windows XP and in later versions of Windows"

The "Applies To" section (at bottom) lists Win 7.  

This certainly suggests that what is said about Win Vista and Server 2008, etc. applies to Win 7.

Did you read http://technet.microsoft.com/en-us/library/cc750357.aspx  ?
If you click, for example, Procurement Officer under Audience it says
"Windows Vista, Windows Server 2008, or later in several places
0
 
LeeTutorretiredCommented:
I've requested that this question be deleted for the following reason:

Not enough information to confirm an answer.
0
 
jcimarronCommented:
The information in http:#a39260384 and http:#a39260669  are factual answers and certainly answer the question asked.
0
 
philkryderAuthor Commented:
From the basic – what is it:
http://windows.microsoft.com/en-us/windows-vista/what-is-encrypting-file-system-efs
 
to  WHAT’S new in W7
http://technet.microsoft.com/en-us/library/dd630631(v=ws.10).aspx
 
 By default, EFS uses the 2,048-bit key size for self-signed RSA certificates and the 256-bit key for ECC certificates.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now