[Mac_crypto] MacOS X (Panther) FileVault

[R. A. Hettinga]

--- begin forwarded text


Status:  U
Date: Thu, 13 Nov 2003 02:40:11 +0100
From: "Ralf-P. Weinmann" <weinmann@cdc.informatik.tu-darmstadt.de>
To: cypherpunks@lne.com
Subject: MacOS X (Panther) FileVault
Sender: owner-cypherpunks@lne.com

Panther's FileVault has already come up in a previous discussion, but questions
which I thought were pretty obvious and which I had expected at least SOMEONE
on cypherpunks to pose haven't come up... Sigh.

Are there any whitepapers available on the design of FileVault? Except for
impressive words from marketing droids (AES-128, industry-standard cipher,
<yawn>) I have seen absolutely zilch on the implementation yet: i.e. is
encryption done on a per-file basis or is rather blockwise underneath the
filesystem layer (ala loop-aes under Linux)? AES-128, fair enough; but what
mode is used for encrypting the files/blocks? ECB? CBC? CTR?  CCM?

Maybe Apple ported PHK's GBDE [1], MacOS X having FreeBSD underpinnings and all
that?

What I'd like for Apple to do is step ahead and release the source code of
FileVault for per review...

Ralf

[1] GBDE - GEOM based disk encryption
    http://phk.freebsd.dk/pubs/bsdcon-03.gbde.paper.pdf

-- 
Ralf-P. Weinmann <weinmann@cdc.informatik.tu-darmstadt.de>
PGP fingerprint: 1024D/EF114FC02F150EB9D4F275B6159CEBEAEFCD9B06

--- end forwarded text


-- 
-----------------
R. A. Hettinga <mailto: rah@ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'