How to encrypt and decrypt files on Windows XP

whiz's picture

Hey! Guys. I was trying this thing. Maybe you know it before. If you do, you can even help me on sth. I successfully encrypted a file using Windows XP. Here is how you encrypt a file using Windows XP in case you don’t know this b4.
Note that you should have NTFS file system because this doesn’t work on FAT or FAT 32.
Click on Start->programs->Accessories->Windows Explorer
Locate the folder you are going to encrypt.
After finding the file right click on it and select properties
Click on the advanced button and select Encrypt contents to secure data. Click on Apply and select Apply changes to this folder, sub-folders and files. If U encrypt the folder and put it in a shared folder, others can’t view the content of the files in that folder. After reading tutorials on how to decrypt the encrypted files later, I tried to decrypt but to no avail. It deals with messing around in command lines but it didn’t work for me. Maybe Toms or sb else can show me how to decrypt the encrypted files. Cheers.

Knowledge speaks but wisdom listens.

Submitted by whiz on Mon, 04/20/2009 - 9:40am.
»
tommy's picture

whiz, sorry but I can't

Submitted by tommy on Wed, 04/22/2009 - 8:18am.

Hey! whiz, sorry but I can't show you how to decrypt the files, yet Wink. I have been doing some reading and this link from Microsoft turned out to be the most exhaustive
http://technet.microsoft.com/en-us/library/bb457116.aspx
If you really want to learn how EFS (Encrypted File System) works, go through it. But here are the basics (i think)

  • EFS uses mixed cryptography (both public key and symmetric). That means you need some way of managing your public and private keys.
    • From what I skimmed, EFS seems to get your private key from your profile automatically. For more complex purposes, there is a process of exporting and importing keys and certificates. You have to understand those details first.
    • There also seems to be a procedure for sharing encrypted files with other users.
    • "Using file shares for remote EFS operations requires a Windows 2000 or later domain environment because EFS must impersonate the user by using Kerberos delegation to encrypt or decrypt files for the user."

    My advice: If what you want to do is place a certain file on a shared folder for only some people to see, I suggest you just protect your share (I will tell you how, if you want). You can also use a simple password protected zip or rar archive. Complex encryption is just too much of a hassle and not worth it. (Your data must be worth more than the amount of time and resources you are going to spend protecting it)

    .... really?

    • »
    whiz's picture

    Toms. I think I know how to

    Submitted by whiz on Wed, 04/22/2009 - 9:52am.

    Thank you! Toms. I think I know how to protect my file and stuff so that only few can see. I just wanted to try this one mate but the decryption part from what I read is a hassle. Cheers and Thank you!.

    Knowledge speaks but wisdom listens.

    »
    fegul's picture

    Truecrypt is good;

    Submitted by fegul on Thu, 04/23/2009 - 10:24pm.

    Truecrypt is good; http://www.truecrypt.org/

    »
    Cyan's picture

    I am not sure about this but

    Submitted by Cyan on Fri, 04/24/2009 - 11:56am.

    I am not sure about this but I think you can only decrypt the file on an ntfs system where your windows log-in profile is located. If you wish to share the data I recommend zipping it with password which the default compression tool on windows is capable to do.

    I am as busy as a one legged man in a butt kicking contest

    »
    whiz's picture

    Cyanide, I tried it on an

    Submitted by whiz on Fri, 04/24/2009 - 1:54pm.

    Yeah Cyanide, I tried it on an NTFS system. I also mentioned that earlier. I wasn't sure that U could zip a file with a password though without using other software Wink Fegul TrueCrypt says it encrypts an entire partition or storage device such as USB flash drive or hard drive. Does it work on folders/files?
    I will check it out anywyas. Thank you! both of ya.

    Knowledge speaks but wisdom listens.

    »
    fegul's picture

    Yeah you can create a

    Submitted by fegul on Sun, 04/26/2009 - 1:17am.

    Yeah you can create a folder, put what you want to have encrypted in it, and then use Truecrypt to encrypt it. I got burned by the default encryption in XP back in the day. I backed up my files (which were encrypted) and then wiped my system (losing the certificates I would need to open them) and so all my data was rendered useless.

    It was my fault but it was still traumatizing Laughing out loud

    »
    Cyan's picture

    Cyan wrote: I am not sure

    Submitted by Cyan on Mon, 04/27/2009 - 4:01pm.
    Cyan wrote:

    I am not sure about this but I think you can only decrypt the file on an ntfs system where your windows log-in profile is located.

    I thought this post was about not you being able to decrypt it?

    I am as busy as a one legged man in a butt kicking contest

    »
    whiz's picture

    Boss did U just quote

    Submitted by whiz on Wed, 04/29/2009 - 9:39am.

    Boss did U just quote Urself? hehe Yeah this thread is mainly about decryption cause I have successfully encrypted earlier.

    Knowledge speaks but wisdom listens.

    »
    whiz's picture

    thanks for sharing ur

    Submitted by whiz on Mon, 04/27/2009 - 2:38pm.

    Laughing out loud thanks for sharing ur experience bro. That must have sucked big time hehe.

    Knowledge speaks but wisdom listens.

    »
    tommy's picture

    Yeah, sorry to hear that

    Submitted by tommy on Wed, 04/29/2009 - 7:12pm.

    Yeah, sorry to hear that Fegul.
    Moral of Fegul's story (i think), you have to think of decryption before you encrypt (not the other way round). My understanding is you first have to set-up your certificates, distribute them appropriately, encrypt from your computer, then try decrypting from another computer. For this you need to generate public and private keys, submit a certificate request to a certificate authority trusted by involved computers, retrieve the generated certificate files and so on.
    I know how public key encryption works for two communicating parties. I have no idea how you can accustom your single private key and public keys to accommodate more than two parties. I think that is where Active Directory and Kerberos come in.
    Still not discouraged? Smiling If you are not, I would also like to know how it turns out. Make sure that you document your every step!

    .... really?

    »

    Post new comment

    • Be polite

    Guidelines

    CAPTCHA
    Since you are not logged in Addis Underground requires you to enter the two letters in the box below to prevent automated spam submissions.
    Image CAPTCHA
    Copy the two characters into the box in UPPERCASE (CAPITAL) letters.