|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
 |
| |
06-22-2006
| #1 (permalink) |
| | Vista: Multiple Startup Keys on one USB flash drive If I have several startup keys (.FVE files) for different Vista machines on one USB flash drive, how does each machine know which one is correct? Is the filename recorded somewhere in the unencypted portion of the drive? Or does it simple try all the possible .FVE files until it finds the lucky winner? Thanks, |
My System Specs |
|
06-23-2006
| #2 (permalink) |
| | Re: Vista: Multiple Startup Keys on one USB flash drive Good question  There are a number of layers to the answer. (1) The filename uses a GUID. Each key protector (refer to WMI interface) is referenced by a GUID, these are the same GUID. (2) The structure of the binary file contains both the GUID of the encrypted volume and the GUID of the key protector. (3) When decrypting the VMK, AES/CCM is used with 256-bit AES key. This is an industry standard algorithm, that contains a nonce and a MAC (message authentication check). If the startup key was wrong, then the MAC part of the AES/CCM algorithm detects this and causes a failure. (4) Should 1-3 fail, then the data would be decrypted incorrectly into gibberish Thankfully 1-3 prevents (4).- Jamie Hunter [MS] "tavis" <tavis@discussions.microsoft.com> wrote in message news:8911F7D1-4300-4CFF-9421-CDF98F3ED857@microsoft.com... > If I have several startup keys (.FVE files) for different Vista machines > on > one USB flash drive, how does each machine know which one is correct? Is > the > filename recorded somewhere in the unencypted portion of the drive? Or > does > it simple try all the possible .FVE files until it finds the lucky winner? > > Thanks, |
| My System Specs |
|
07-11-2006
| #3 (permalink) |
| | Re: Vista: Multiple Startup Keys on one USB flash drive Thanks again, Jamie. I must give credit to my very inquisitive and bright colleagues for these questions. ;-) "Jamie Hunter [MS]" wrote: > Good question > > There are a number of layers to the answer. > (1) The filename uses a GUID. Each key protector (refer to WMI interface) is > referenced by a GUID, these are the same GUID. > (2) The structure of the binary file contains both the GUID of the encrypted > volume and the GUID of the key protector. > (3) When decrypting the VMK, AES/CCM is used with 256-bit AES key. This is > an industry standard algorithm, that contains a nonce and a MAC (message > authentication check). If the startup key was wrong, then the MAC part of > the AES/CCM algorithm detects this and causes a failure. > (4) Should 1-3 fail, then the data would be decrypted incorrectly into > gibberish Thankfully 1-3 prevents (4).> - > Jamie Hunter [MS] > > "tavis" <tavis@discussions.microsoft.com> wrote in message > news:8911F7D1-4300-4CFF-9421-CDF98F3ED857@microsoft.com... > > If I have several startup keys (.FVE files) for different Vista machines > > on > > one USB flash drive, how does each machine know which one is correct? Is > > the > > filename recorded somewhere in the unencypted portion of the drive? Or > > does > > it simple try all the possible .FVE files until it finds the lucky winner? > > > > Thanks, > |
| My System Specs |
|
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| Toggle Keys at Startup | Tutorials | |||
| Mix-up of multiple product keys | Vista installation & setup | |||
| Multiple Windows Systems on an USB Flash Drive | Vista installation & setup | |||
| Selecting multiple files on a flash drive | Vista General | |||
| Vista startup/locking issue - on multiple machines | Vista General | |||
