AFAIK, encryption knows nothing about the inherent quality of it's source - for the algorythm "Phil" is the same as "2´cW". So, i'd say, no, that's no way out.
Re. XP, indeed, i use still 2 machines pre W8 - one XP, one W98 <g>. Both not connected to any net, so i don't see this as a problem. And both have to be what they are, as they run "special" software/hardware combos, whose producer is out of business. For the XP i see some way out, (at the cost of many $$$)- for the W98 i see none...
If you are not connected to the internet then I would keep things as they are ;-0) If it ain't broke don't fix it, sort of idea.
I suspected that encryption may be like zipping / RARing, where the content of the file is processed without any knowledge of what the bits are, or referring to.
And I don't think the latest fiasco has anything to do with MS and them trying a last ditch attempt to get folks to upgrade to Windows 10 ;-0) Not a bad idea however, then they can give up on all the legacy stuff for old O/S's.
It would also be interesting to know how much damage was done because of in-house IT managers not applying security patches sent to them - now called upgrades to you and me I believe.
you can encrypt file how deep you wish.... A zip file can contain another zip file, again, again and again.
The only exceptions I know are gzip, bz and bz2 files on Linux/Unix: they contain only one file, and if you try to apply the next step, the file will remain at it is (as it does not make much sense compress an already compressed file).
About XP: in my own office we have a few Windows 7, but all our develoment PCs are Windows 19 1703. At our customers sites, there are some XP PCs: some of them run special software that does not works with newer Windows versions, some of these PCs have special hardware installed that works only with XP, so most are machines that are used in some sort of industrial environment. Most of them, (where I have some influence) are separated from the normal company LAN, and often connected to the internet only when required (for maintenance from an external company).
I have a customer that has a few MS-DOS PCs, and they are a real nightmare. They are very old, and have special cards installed. If the PC or the card fails, the entire machine with a value of about 1 mio. Euro is useless. But unfortunately there is no way to move the forward: the company that build them is gone, and changing the software to a different one invalidates over 20 years of registered NC programs.
I understand about the legacy of 'control technology' stuff - I did some in the past, and also supported a friend with his automotive garage, rolling roads and exhaust gas analysers - special boards and all.
The thing to do there seems to be keep them isolated, keep them clean, and treat them with love - oh! and keep your fingers crossed too.
We used to have a special box of old working (spare) parts that other places were throwing out - just to keep the stuff going.
It is even a known practice to hide valuable stuff encrypted among less valuable stuff in an encrypted storage. It is even possible to disguise it so it shows only up when the right key is entered, otherwise it is only visible as 'empty space'.
A hacker will brake the first key, and thinks he entered the safe, but he only entered the cash register, and doesn't even know that there is a safe within 'reach'.
It doesn't protect you from an cryptolock attack however.
We also have one XP machine... backuped and isolated