Zitat von
Luckie:
NTFS verschlüsselt mit der SID des Benutzers und diese ist weltweit einmalig.
kannst du dazu mal eine Quelle angeben ? das wäre ja vollends unsinnig...
Zitat von
http://en.wikipedia.org/wiki/NTFS:
Encrypting File System (EFS)
EFS provides strong and user-transparent encryption of any file or folder on an NTFS volume. EFS works in conjunction with the EFS service, Microsoft's CryptoAPI and the EFS File System
Run-Time Library (FSRTL).
EFS works by encrypting a file with a bulk symmetric key (also known as the File Encryption Key, or FEK), which is used because it takes a relatively smaller amount of time to encrypt and decrypt large amounts of data than if an asymmetric key cipher is used.
The symmetric key that is used to encrypt the file is then encrypted with a public key that is associated with the user who encrypted the file, and this encrypted data is stored in an alternate data stream of the encrypted file. To decrypt the file, the file system uses the private key of the user to decrypt the symmetric key that is stored in the file header. It then uses the symmetric key to decrypt the file. Because this is done at the file system level, it is transparent to the user. Also, in case of a user losing
access to their key, support for recovery agents that can unencrypt files has been built in to the EFS system.
der Schlüssel, mit dem der File-Inhalt verschlüsselt wurde, wird also per asymetrischem Verschlüsselungsverfahren (PKI) verschlüsselt und der Datei beigepackt - analog PGP.