The Encrypting File System (EFS) enables filesystem level transparent encryption on Microsoft Windows operating system. It was first introduced within NTFS. Folder encryption uses symmetric key which is then encrypted by a public key (asymmetric) pair. In our “SSH Public Key (/w RSA) Authentication and SSH Tunneling” post, we had briefly mentioned the hybrid cryptosystems that is driven by the usage of asymmetric and symmetric algorithms together. Now let’s check out how this hybrid process takes place in EFS;

more