ystem) An encryption system in the Windows NTFS file system, starting with Windows XP Pro. EFS enables users to encrypt their data in storage with the use of a password.
EFS vs. BitLocker
Two encryption systems come with Windows. EFS works at the file level, and users decide which files to encrypt. In contrast, BitLocker encrypts everything on the drive. See BitLocker
EFS encrypts files with a symmetric key that is itself encrypted with the user's public key and stored along with the encrypted data. To decrypt the file, the file encryption key (FEK) is decrypted with the user's private key, which reveals the symmetric key to decrypt the data. A symmetric key is used because it is faster than the public/private key system. See secret-key cryptography
, public key cryptography