Encrypted files on NTFS file system are stored in special format to handle transparent decryption of file data to whom who have access to these files. To handle transparent encryption the files on disk consist of two parts:
When file is lost, both encrypted data and encryption metadata are lost. The software recovers this information and restores association between these parts. On success, the software can use Windows API to restore encrypted file by supplying both encrypted data and encryption metadata. It does not decrypt file data so recovery operator still does not have access to sensitive user information.
Restored file can be only opened by a user from original file access control list (such as file owner).
In case file can not be restored in encrypted form because operating system does not support this (e.g. non-Windows OS or Windows NT4 OS) or target file system does not support encryption, the file will be restored in special format of encrypted file backup. This format is specified by Microsoft and contains both encrypted data and encryption metadata. These files can be restored by Windows EFS backup/restoration API. You may use free EFS Restoration Tool from UFS Explorer installation package to restore encrypted files from backup to encrypted files on NTFS.
- file data itself in encrypted form;
- encryption metadata, required to decrypt the file.
When file is lost, both encrypted data and encryption metadata are lost. The software recovers this information and restores association between these parts. On success, the software can use Windows API to restore encrypted file by supplying both encrypted data and encryption metadata. It does not decrypt file data so recovery operator still does not have access to sensitive user information.
Restored file can be only opened by a user from original file access control list (such as file owner).
In case file can not be restored in encrypted form because operating system does not support this (e.g. non-Windows OS or Windows NT4 OS) or target file system does not support encryption, the file will be restored in special format of encrypted file backup. This format is specified by Microsoft and contains both encrypted data and encryption metadata. These files can be restored by Windows EFS backup/restoration API. You may use free EFS Restoration Tool from UFS Explorer installation package to restore encrypted files from backup to encrypted files on NTFS.
No comments:
Post a Comment