A key that is associated with a particular user account.
The recovery agent key is also used to encrypt and decrypt files along with the FEK. If the FEK is unavailable, the recovery agent key can be used to decrypt the file.
The section of an encrypted file that contains information regarding the FEK and recovery agent keys.
The key that is used to encrypt files. It is stored within the files it has encrypted.
The key that is used to restore encrypted files. It is kept private and is used to restore files that were encrypted with its matching public key.
The location where private keys are stored.
Generates a master key that is used to encrypt a user’s private key.
An EFS system key that encrypts the user and recovery keys so that either key can recover the file.
An optional security measure that can be used to encrypt all the master keys generated by the Protected Storage Service.