PCBONEZ wrote:
Even then I'm not 100% sure the files on the disk have anything to do with file system encryption.
My take is the intention (focus) of the disk is to keep hackers from getting control of the machine.
As noted above, this was almost certainly because of US export restrictions on high quality PKI encryption. Many of us are not sure what these functions were used for within Win2k. Stream or block cyphers like DES, RC4, and AES are not usually used for protecting passwords, nor are asymmetric keys. Cryptographic hashes such as MD5, SHA1, RIPEMD, and Whirlpool are typically used for password encryption as there's no need to recover the original password.
I would think EFS and possibly RDP would use the integral encryption provider. Found this little tidbit (emphasis added) that indicates it may have been a more broadly used library function, including for IE, OE, etc.
High Encryption Support
If you are running Internet Explorer 5.01 or earlier on a computer that is running Windows 98, Microsoft Windows 98 Second Edition, or Windows NT 4.0, when you install Internet Explorer 6, you upgrade your computer to 128-bit encryption. If your computer is running Windows 2000, when you install Internet Explorer 6, you do not change the level of encryption on your computer. You can upgrade Windows 2000 by using the High Encryption Pack that is located on the original installation media and on the Microsoft Windows Update Web site. If your computer is running Microsoft Windows Me, your computer is already using 128-bit encryption.
https://support.microsoft.com/en-us/kb/307295