||Windows Encrypted File System: Replace DESX algorithm with 3DES
The Microsoft default DESX encryption algorithm can be replaced with the 3DES algorithm for EFS only.
To enable 3DES for Encrypted File System (EFS) only:
- In the Run dialog box, type regedit.exe
- Navigate to the subkey HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS
- On the Edit menu, point to New, and then click DWORD Value
- Enter AlgorithmID for the value name and 0x6603 for the value data to enable 3DES
- Restart the computer
- To disable 3DES and enable DESX, simply delete the AlgorithmID setting and restart the computer
- When 3DES is enabled, files encrypted by using both the DESX and 3DES algorithms can be decrypted. However, all new files are encrypted by using the 3DES algorithm.
Windows 2000 without the High Encryption Pack, cannot use 3DES. It is also possible to configure EFS to use 3DES without affecting encryption elsewhere.
© 2007 O'Reilly Media, Inc.
| Customer Service:
| Book issues:
All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.