O'Reilly Hacks
oreilly.comO'Reilly NetworkSafari BookshelfConferences Sign In/My Account | View Cart   
Book List Learning Lab PDFs O'Reilly Gear Newsletters Press Room Jobs  


Windows Encrypted File System: Replace DESX algorithm with 3DES
The Microsoft default DESX encryption algorithm can be replaced with the 3DES algorithm for EFS only.

Contributed by:
R Carrico
[09/21/04 | Discuss (0) | Link to this hack]

To enable 3DES for Encrypted File System (EFS) only:

  • In the Run dialog box, type regedit.exe
  • Navigate to the subkey HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS
  • On the Edit menu, point to New, and then click DWORD Value
  • Enter AlgorithmID for the value name and 0x6603 for the value data to enable 3DES
  • Restart the computer
  • To disable 3DES and enable DESX, simply delete the AlgorithmID setting and restart the computer
  • When 3DES is enabled, files encrypted by using both the DESX and 3DES algorithms can be decrypted. However, all new files are encrypted by using the 3DES algorithm.

Windows 2000 without the High Encryption Pack, cannot use 3DES. It is also possible to configure EFS to use 3DES without affecting encryption elsewhere.

O'Reilly Home | Privacy Policy

© 2007 O'Reilly Media, Inc.
Website: | Customer Service: | Book issues:

All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.