If you encripted the file, you probably supplied a password during this process. Without it, you can't access the file.
If you remembered to write down the password, did you remember to install the encription package?

Take off your shirt. Take pictures.

It could help.

You're screwed. Windows ties it's encryption keys to your user password, but even if you had that, you still wouldn't have the entire key. What you need is a recovery certificate, and I'm guessing you don't have one.

The existence of such a certificate alone renders that whole "encryption" stuff in Windows utterly useless. It's a fake like so many other things.

Do you understand how key cryptography works?

Yes, and I bet better than you.

The existance of "Master keys" or "Recovery keys" alone represent backdoors to the key encryption and renders them useless.

People encrypt their files because it's both important and sensitive, and the existance of a "recovery key" ensures both, provided you keep the recovery key safe (ie, on a floppy/usb drive that you keep with you).

Nothing's worse than reinstalling the OS and finding out all your sensitive, important information can no longer be accessed, even by you. Hence the (optional) recovery keys.

so, is it possible to get one of these recovery keys?

It has to be YOUR recovery key

As far as I know, you had to make the key yourself beforehand if you wanted one.

Given the recovery key is your personal property and no one else would be able to generate one, you are right. In this case the word "recovery" is redundant, though, it's just the key you're storing, may be with a bit of "bla bla" around it. With the same key you can decode your encrypted data after you reinstalled the OS. To call it "Recovery certificate" is just misleading and leads to the question, who except me can hold such a certificate for my data.

What I'm talking about are backdoors to the encryption system. For instance are there easy methods to make "master keys" in key encryption algorithm, which greatly reduce the width of the used key.

An example: For the sake of simplicity, let's assume we encrypt our data with a 6-digit decimal number. That's at least, what the key generator gives us. What we don't know is, that the generator spits out only multiples of, say, 1357. That's not obvious, if you look at the 6 digit key. We think, a brute force attacker has to go through 1,000,000 possibilities for the key, but in fact it are only 1,000,000 / 1,357 = ~737. Compare 1 million and 737, quite a difference, no?

The reality is of course not that simple, but there are similar methods to store such "master keys" like the number 1357 in my example at the police, the CIA, NSA, Mossad or whatever, which reduce a keywidth of 128 bit to 40 bit or similar. I think I encrypted it with 128 bit and so it is for everyone except those with the "master key". For them it's only a weak 40 bit encryption. You get the message.

As long as an encryption algorithm is not thoroughly described and open in it's algorithmus and software, I would refuse to use it. Answer me a simple question: Are you sure there's no backdoor (as described) in the Windows encryption system?

I am also curious as to what cyher protocol is used in Windows XP. It's not one of the public ones, is it?

The only "back door" is the user-generated recovery key.

The US government (and 7 other nations, now) have looked at the code extensively to ensure there's no backdoors. The US government even gave Windows 2000, XP Pro, and 2003 higher C2 security classification than Linux in part due to the very-well implemented encrypting file system.

The most secure way you could do it, is IBM's Security Subsystem 2.0 like I've got on my new ThinkPad. It's got a TCPA-compliant chip on it, and your keys and encryption is dealt with on its own pool of protected RAM and processor to prevent snooping.

wow....then i have lost a lot of very nice naked pictures of my ex