Solved

? I need a microsoft reference that windows 7 EFS is FIPS compliant?

Posted on 2013-06-19
8
519 Views
Last Modified: 2013-07-13
I need to have a reference to an authoritative document that states that MS WINDOWS 7 enterprise EFS implementation is US FIPS compliant.
thanks
Phil
0
Comment
Question by:philkryder
8 Comments
 
LVL 50

Accepted Solution

by:
jcimarron earned 500 total points
Comment Utility
0
 
LVL 24

Expert Comment

by:aadih
Comment Utility
Will this satisfy?:

< http://support.microsoft.com/kb/811833 >

[Note: look "applies to."]
0
 
LVL 1

Author Comment

by:philkryder
Comment Utility
that 811833 looked promising when I saw it before.
but,
here's the catch
windows 7 - isn't mentioned in this Notes:
Vista and Sever 2008 are. I hate to assume - is there something that states W7 is also 256 AES or better?
...
Notes
By default, EFS on Windows XP RTM uses the DESX algorithm. If you enable this setting, EFS uses 168-bit 3DES encryption.
By default, in Windows XP Service Pack 1 (SP1), in later Windows XP service packs, and in Windows Server 2003, EFS uses the Advanced Encryption Standard (AES) algorithm with a 256-bit key length. However, EFS uses the kernel-mode AES implementation. This implementation is not FIPS-validated on these platforms. If you enable the FIPS setting on these platforms, the operating system uses the 3DES algorithm with a 168-bit key length.
In Windows Vista and in Windows Server 2008, EFS uses the AES algorithm with 256-bit keys. If you enable this setting, AES-256 will be used.
FIPS local policy does not affect password key encryption.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 50

Assisted Solution

by:jcimarron
jcimarron earned 500 total points
Comment Utility
philkryder---
The title of that reference and later content say
"In Windows XP and in later versions of Windows"

The "Applies To" section (at bottom) lists Win 7.  

This certainly suggests that what is said about Win Vista and Server 2008, etc. applies to Win 7.

Did you read http://technet.microsoft.com/en-us/library/cc750357.aspx  ?
If you click, for example, Procurement Officer under Audience it says
"Windows Vista, Windows Server 2008, or later in several places
0
 
LVL 59

Expert Comment

by:LeeTutor
Comment Utility
I've requested that this question be deleted for the following reason:

Not enough information to confirm an answer.
0
 
LVL 50

Expert Comment

by:jcimarron
Comment Utility
The information in http:#a39260384 and http:#a39260669  are factual answers and certainly answer the question asked.
0
 
LVL 1

Author Comment

by:philkryder
Comment Utility
From the basic – what is it:
http://windows.microsoft.com/en-us/windows-vista/what-is-encrypting-file-system-efs
 
to  WHAT’S new in W7
http://technet.microsoft.com/en-us/library/dd630631(v=ws.10).aspx
 
 By default, EFS uses the 2,048-bit key size for self-signed RSA certificates and the 256-bit key for ECC certificates.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Recently Microsoft released a brand new function called CONCAT. It's supposed to replace its predecessor CONCATENATE. But how does it work? And what's new? In this article, we take a closer look at all of this - we even included an exercise file for…
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now