Endpoint Encryption

 View Only
  • 1.  Cannot decrypt data on external harddisk

    Posted Apr 09, 2013 02:28 PM

    I used my external harddisk on a laptop, which had Symantec EndPoint Encryption (SEE) installed on it, in the past. I don't have that laptop anymore, but now I want to use the same external harddisk on another laptop without SEE installed and I'm unable to decrypt the data!

    When I use the 'Removable Storage Access Utility' and choose 'Decrypt to Location', I'll receive the message "A certificate is needed for decryption. If you have a certificate on a Smart Card, please insert the card and then click OK. 

    I don't have a certificate.

    Could somebody please help me decrypt all those files, so I can open them again?

    Thanks!

     



  • 2.  RE: Cannot decrypt data on external harddisk

    Posted Apr 10, 2013 03:51 AM

    I'm afraid the data cannot be decrypted without the correct key.  The message you posted indicates your old laptop (the one with SEE installed) was probably configured to encrypt using certificates rather than passwords.

    You'll need to recover the certificate and private keys from your old laptop (just the certificate is enough, you don't need SEE as you have the Access Utility), or you need to contact your IT dept for assistance (assuming they enabled the Master Certificate option).



  • 3.  RE: Cannot decrypt data on external harddisk

    Posted May 11, 2013 09:32 AM

    Thanks for your reply.

    SEE was indeed installed on a company laptop, which I left recently. So I don't have that laptop anymore. I checked with the IT dept of that company and they told me that they never used Certificates or private keys to encrypt data with SEE. Only password encryption was used.

    When I look at PDF/XLS document on the external harddisk all files have an .XML extension. When I view those files they all have a similar header, like:

     

    <!--GETRSFileHeaderSize=0x000003F2--><GETEncryptedDataFile version="x.x.x"><FileInformation><filename>[FileName]</filename><created>Mon, 25 Mar 2013 14:13:22 UT+0100</created></FileInformation><AlignmentLength>512</AlignmentLength><WrappedKeys iv="T8OJGOnxQ26FuNE4JOUMgw==" hash="Dkp2NGeBjlI+IzsTmimIctwAbrM2mpZqNgg6meA9rpE="><UPC hashmethod="kdf2"><wrappedkey>md4Ws5T01Rxq76LOifDIiA==</wrappedkey></UPC></WrappedKeys>
    </GETEncryptedDataFile>
     
    Is there still anything I could do to recover those files?
     
    Thanks!


  • 4.  RE: Cannot decrypt data on external harddisk

    Posted May 13, 2013 03:40 AM

    The only other option is if your former employer used the "Workgroup Keys" option, which allows members of the same team to decrypt each other's files.  Even then, you'd need to speak to the IT dept get them to decrypt the files.

    Other than that, and if your former employer never implemented the Master Recovery Certificate option, then you must have the password to recover the file.