FileVault (pronounced "file vault") is a disk encryption system built into macOS.
In earlier versions (up to Mac OS X Snow Leopard) it encrypted only the user's home folder, but starting with Mac OS X Lion it can encrypt the entire drive, including system files.
Encryption uses the XTS-AES-128 algorithm with a 256-bit key length. [1] The encryption key is generated from the user's password (PBKDF2 algorithm, 1000 iterations [2]). To protect against password loss, a master password is created, which should be written down and stored in a safe place. The user is optionally offered the ability to reset the password through Apple's servers (this requires logging in with an Apple ID).
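The derivation described above, as an added example that is not part of the original article or Apple's code: it derives 256 bits of key material with PBKDF2 at the stated 1000 iterations, splits it into the two 128-bit keys that XTS-AES-128 takes, and times derivations to show how the iteration count sets the work factor. HMAC-SHA1 as the PRF, the salt, the sample passwords, the 100,000 comparison count, and feeding the PBKDF2 output directly to XTS are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import time

ITERATIONS = 1000   # iteration count stated in the article
KEY_BITS = 256      # XTS-AES-128 key length stated in the article


def derive_key(password: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """PBKDF2 over the password. HMAC-SHA1 as the PRF is an assumption."""
    return hashlib.pbkdf2_hmac("sha1", password.encode("utf-8"), salt,
                               iterations, dklen=KEY_BITS // 8)


def split_xts_key(key: bytes) -> tuple:
    """XTS-AES-128 takes two 128-bit AES keys: one for data, one for the tweak."""
    if len(key) != KEY_BITS // 8:
        raise ValueError("XTS-AES-128 needs exactly 256 bits of key material")
    return key[:16], key[16:]


def verify_password(candidate: str, salt: bytes, expected: bytes,
                    iterations: int = ITERATIONS) -> bool:
    """Re-derive from the candidate and compare in constant time."""
    return hmac.compare_digest(derive_key(candidate, salt, iterations), expected)


def seconds_per_derivation(iterations: int, rounds: int = 5) -> float:
    """Average wall-clock cost of one derivation at this iteration count."""
    salt = os.urandom(16)
    start = time.perf_counter()
    for _ in range(rounds):
        derive_key("constructed-sample-password", salt, iterations)
    return (time.perf_counter() - start) / rounds


if __name__ == "__main__":
    salt = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample
    key = derive_key("constructed sample passphrase", salt)
    data_key, tweak_key = split_xts_key(key)
    print("data key :", data_key.hex())
    print("tweak key:", tweak_key.hex())
    low = seconds_per_derivation(ITERATIONS)
    high = seconds_per_derivation(100_000, rounds=1)  # comparison count is an assumption
    print(f"{ITERATIONS} iterations: {low * 1000:.3f} ms per derivation")
    print(f"100000 iterations: {high * 1000:.1f} ms per derivation ({high / low:.0f}x)")
```

The per-derivation cost is the only thing PBKDF2 adds on top of password strength, which is why the iteration count matters when assessing how well a weak password protects the volume.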
Starting with Mac OS X Leopard, the encrypted part of the file system is stored as Sparse Bundles (8 MB fragments).
Criticism
The first version of FileVault only allows encryption of the home directory. To encrypt individual files or the entire hard disk, you must use third-party software.
Encryption keys are kept in RAM while the system is running and can be obtained by third-party software, by a physical cold boot attack, or with special equipment (for example, a FireWire device can copy a password using DMA [3]). Passwords and keys can also end up in the swap file (if the "Use secure virtual memory" option is disabled) [4] or in a memory dump in the case of "Safe Sleep" (switching to sleep mode when the battery is low) [5].
FileVault 2.0
Mac OS X Lion and later versions of the OS use the new FileVault standard. In addition to an improved encryption algorithm (XTS-AES), increased speed and support for external devices, the new version can encrypt the entire disk. It also adds a new feature, Instant Wipe, which allows you to completely remove the encryption keys from your computer and safely erase all information on internal drives.
Notes
- [1] Using FileVault to Encrypt a Bootable Disk on a Mac - Apple Support
- [2] http://events.ccc.de/congress/2006/Fahrplan/attachments/1244-23C3VileFault.pdf p. 9
- [3] http://events.ccc.de/congress/2006/Fahrplan/attachments/1244-23C3VileFault.pdf p. 18
- [4] http://events.ccc.de/congress/2006/Fahrplan/attachments/1244-23C3VileFault.pdf pp. 19-20
- [5] http://events.ccc.de/congress/2006/Fahrplan/attachments/1244-23C3VileFault.pdf p. 21
Links
- OS X: FileVault 2 Details
- Unlocking FileVault. An analysis of Apple's disk encryption system - analysis of the operation of FileVault // 23C3; copy of presentation
- http://reviews.cnet.com/8301-13727_7-20081045-263/about-filevault-2-in-os-x-10.7-lion/ - overview of FileVault 2.
- http://www.macintouch.com/specialreports/lion/review3.html#security - An overview of Mac OS X Lion features, including FileVault 2.