Tuning EFS

Q: What ciphers does Microsoft’s Encrypting File System (EFS) use? Also, how can I tune these ciphers and their parameters?

A: The software technology behind EFS is a good example of a hybrid cryptographic solution that combines the power of both asymmetric and symmetric ciphers. EFS uses a symmetric cipher (Advanced Encryption Standard—AES; Triple DES—3DES; or DESX) to perform the bulk encryption and an asymmetric cipher (RSA) to provide secure storage of the bulk encryption key. AES uses a 256-bit symmetric encryption key, 3DES uses a 128-bit key, and DESX uses a 56-bit key. The 256-bit AES cipher is the best and most secure option for EFS symmetric encryption, followed by 128-bit 3DES, then 56-bit DESX.

Windows 2000 Server and Windows XP, by default, use a 56-bit DESX EFS cipher. However, if you've installed the Win2K High Encryption Pack, EFS defaults to 128-bit 3DES. The default encryption algorithm used in Windows Server 2003 and later or Windows XP Service Pack 1 (SP1) and later is 256-bit AES. You can configure both Windows 2003 and XP to use the 3DES algorithm for EFS encryption and decryption operations.

There are two ways to configure EFS to support 3DES instead of DESX. You can use a new Group Policy Object (GPO) setting called “System Cryptography: Use FIPS compliant algorithms for encryption.” This setting affects the encryption-decryption operations not only of EFS but also of other Windows security solutions such as IPsec. The GPO setting is located in the Computer configuration, Windows Settings, Security Settings, Local Policies, Security Options GPO container. You can also modify the registry to make the use of 3DES available only to EFS. To do so, create the AlgorithmID (REG_DWORD) registry value in the HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionEFS registry subkey and set it to 0x6603.

As Table 1 shows, you can use this registry key to force the use of DESX or AES for EFS operations. Even if you've set up Windows 2003, Win2K or XP to use 3DES, DESX or AES support (depending on the platform) isn't lost. The platforms are still able to process files previously encrypted with AES, 3DES, or DESX.Windows 2003 also lets you specify larger default RSA key sizes for keys that are generated for EFS. The default key size used in Windows 2003 and XP is 1024 bits. In Windows 2003, you can change the default size by setting the HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionEFSRSAKeyLength registry subkey. The value (REG_DWORD) in this key must be a power of 2 (i.e., 1024, 16384 …)

Table 1: Registry Values for EFS Symmetric Encryption Algorithm