FileVault on other than home directories on MacOS?
Darren J Moffat
Darren.Moffat at Sun.COM
Tue Sep 22 05:57:36 PDT 2009
Ivan Krsti wrote:
>TrueCrypt is a fine solution and indeed very helpful if you need
>cross-platform encrypted volumes; it lets you trivially make an
>encrypted USB key you can use on Linux, Windows and OS X. If you're
>*just* talking about OS X, I don't believe TrueCrypt offers any
>advantages over encrypted disk images unless you're big on conspiracy
>theories.
Note my information may be out of date. I believe that MacOS native
encrypted disk images (and thus FileVault) uses AES in CBC mode without
any integrity protection, the Wikipedia article seems to confirm that is
(or at least was) the case http://en.wikipedia.org/wiki/FileVault
There is also a sleep mode issue identified by the NSA:
http://crypto.nsa.org/vilefault/23C3-VileFault.pdf
TrueCrypt on the other hand uses AES in XTS mode so you get
confidentiality and integrity.
--
Darren J Moffat
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy
mailing list