[Mac_crypto] MacOS X (Panther) FileVault

David Shayer mac_crypto@vmeng.com
Wed, 12 Nov 2003 21:12:02 -0800


>From: "Ralf-P. Weinmann" <weinmann@cdc.informatik.tu-darmstadt.de>
>Are there any whitepapers available on the design of FileVault? Except for
>impressive words from marketing droids (AES-128, industry-standard cipher,
><yawn>) I have seen absolutely zilch on the implementation yet: i.e. is
>encryption done on a per-file basis or is rather blockwise underneath the
>filesystem layer (ala loop-aes under Linux)? AES-128, fair enough; but what
>mode is used for encrypting the files/blocks? ECB? CBC? CTR?  CCM?

I was told that FileVault replaces your home directory with an encrypted disk image, much like PGP Disk, so it's probably blockwise underneath the file system layer. Files in your home directory are copied into the disk image, and some file system links redirect calls to the home directory to the disk image, and keep the user from seeing it as another mounted disk.

FileVault will automatically expand or contract the disk image at certain points. It creates a new image, copies everything over, and deletes the old image.

I don't know what mode of AES-128 it uses.
-- 

David


"If tyranny and oppression come to this land, it will be in the
guise of fighting a foreign enemy."             - James Madison