Home > Articles > Home & Office Computing > Microsoft Windows Desktop

  • Print
  • + Share This
Like this article? We recommend

The Need for Speed

EFS was designed to be as fast, simple, and unobtrusive as possible. Making this system work required a clever compromise between the security and efficiency of public key encryption and the need for reasonable performance.

Public key encryption is highly secure and features built-in authentication, but it's slow. The process of securely encrypting and decrypting a file using a public key system eats up so much processing power that encrypting everything on a typical computer will either slow the system to a crawl or require the use of special hardware to handle the encryption. This performance is barely acceptable for something like encrypted backups, where the files are encrypted infrequently. It's hardly practical for files that are in active use and being read and written constantly.

EFS gets around this problem by using public key encryption only to protect the keys. The files themselves are encrypted using the Extended Data Encryption Standard, DESX (don't ask me about the acronym), which is a more secure variant of the DES encryption algorithm. DESX lacks many of the advantages of public key encryption, but it's quite secure and much faster.

  • + Share This
  • 🔖 Save To Your Account