Solved

? I need a microsoft reference that windows 7 EFS is FIPS compliant?

Posted on 2013-06-19
8
539 Views
Last Modified: 2013-07-13
I need to have a reference to an authoritative document that states that MS WINDOWS 7 enterprise EFS implementation is US FIPS compliant.
thanks
Phil
0
Comment
Question by:philkryder
8 Comments
 
LVL 50

Accepted Solution

by:
jcimarron earned 500 total points
ID: 39260384
0
 
LVL 24

Expert Comment

by:aadih
ID: 39260389
Will this satisfy?:

http://support.microsoft.com/kb/811833 >

[Note: look "applies to."]
0
 
LVL 1

Author Comment

by:philkryder
ID: 39260437
that 811833 looked promising when I saw it before.
but,
here's the catch
windows 7 - isn't mentioned in this Notes:
Vista and Sever 2008 are. I hate to assume - is there something that states W7 is also 256 AES or better?
...
Notes
By default, EFS on Windows XP RTM uses the DESX algorithm. If you enable this setting, EFS uses 168-bit 3DES encryption.
By default, in Windows XP Service Pack 1 (SP1), in later Windows XP service packs, and in Windows Server 2003, EFS uses the Advanced Encryption Standard (AES) algorithm with a 256-bit key length. However, EFS uses the kernel-mode AES implementation. This implementation is not FIPS-validated on these platforms. If you enable the FIPS setting on these platforms, the operating system uses the 3DES algorithm with a 168-bit key length.
In Windows Vista and in Windows Server 2008, EFS uses the AES algorithm with 256-bit keys. If you enable this setting, AES-256 will be used.
FIPS local policy does not affect password key encryption.
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 50

Assisted Solution

by:jcimarron
jcimarron earned 500 total points
ID: 39260669
philkryder---
The title of that reference and later content say
"In Windows XP and in later versions of Windows"

The "Applies To" section (at bottom) lists Win 7.  

This certainly suggests that what is said about Win Vista and Server 2008, etc. applies to Win 7.

Did you read http://technet.microsoft.com/en-us/library/cc750357.aspx  ?
If you click, for example, Procurement Officer under Audience it says
"Windows Vista, Windows Server 2008, or later in several places
0
 
LVL 59

Expert Comment

by:LeeTutor
ID: 39323575
I've requested that this question be deleted for the following reason:

Not enough information to confirm an answer.
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 39323576
The information in http:#a39260384 and http:#a39260669  are factual answers and certainly answer the question asked.
0
 
LVL 1

Author Comment

by:philkryder
ID: 39324164
From the basic – what is it:
http://windows.microsoft.com/en-us/windows-vista/what-is-encrypting-file-system-efs
 
to  WHAT’S new in W7
http://technet.microsoft.com/en-us/library/dd630631(v=ws.10).aspx
 
 By default, EFS uses the 2,048-bit key size for self-signed RSA certificates and the 256-bit key for ECC certificates.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
An article on effective troubleshooting
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question