[Mac_crypto] MacOS X (Panther) FileVault
David Shayer
david at sentience.com
Wed Nov 12 21:12:02 PST 2003
>From: "Ralf-P. Weinmann" <weinmann at cdc.informatik.tu-darmstadt.de>
>Are there any whitepapers available on the design of FileVault? Except for
>impressive words from marketing droids (AES-128, industry-standard cipher,
><yawn>) I have seen absolutely zilch on the implementation yet: i.e. is
>encryption done on a per-file basis or is rather blockwise underneath the
>filesystem layer (ala loop-aes under Linux)? AES-128, fair enough; but what
>mode is used for encrypting the files/blocks? ECB? CBC? CTR? CCM?
I was told that FileVault replaces your home directory with an encrypted
disk image, much like PGP Disk, so its probably blockwise underneath the
file system layer. Files in your home directory are copied into the disk
image, and some file system links redirect calls to the home directory to
the disk image, and keep the user from seeing it as another mounted disk.
File Vault will automatically expand or contract the disk image at certain
points. It creates a new image, copies everything over, and deletes the old
image.
I don't know what mode of AES-128 it uses.
--
David
"If tyranny and oppression come to this land, it will be in the
guise of fighting a foreign enemy." - James Madison
_______________________________________________
mac_crypto mailing list
mac_crypto at vmeng.com
http://www.vmeng.com/mailman/listinfo/mac_crypto
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
More information about the cypherpunks-legacy
mailing list