FileVault

FileVault

FileVault is a system that protects files on a Macintosh computer. It can be found in the Mac OS X v10.3 ("Panther") operating system and later.

FileVault uses encrypted file systems that are mounted and unmounted when the user logs into or out of the system. The user's home directory is encrypted using the Advanced Encryption Standard (AES) algorithm with a key derived from the user's login password. A master password should be set as a precaution against a user losing his or her password. Content is automatically encrypted and decrypted on the fly. Although early versions were slow and caused system to temporarily hang when used with disk-intensive applications, such as sound and video editing, the performance of FileVault has been improved in more recent versions of Mac OS X.

In Mac OS X v10.4 (Tiger), FileVault stores the encrypted file system as a Sparse Disk Images, which is basically a single large file. In Mac OS X v10.5 (Leopard), FileVault stores the encrypted file system as a new image called a Sparse bundle. [http://macosx.com/article/live-filevaultsparse-bundle-backups-in-leopard.html 1] . Sparse bundles break images into smaller 8MB files called bands, allowing them to be backed up using Leopard's Time Machine feature (see below for limitations, however). If transferring your FileVault data from a previous Mac that uses 10.4 using the built-in utility to move data to a new machine, the data uses the old sparse image format, and you must turn FileVault off and then on again to re-encrypt in the new sparse bundle format.

Criticism

When using FileVault, it is not possible to select which parts of the disk to encrypt. Only entire home directories can be encrypted. For example, using FileVault, the user cannot encrypt the whole disk as can be done with 3rd-party Mac disk encryption software such as PGP Whole Disk Encryption. Similarly, specific files or folders cannot be encrypted using FileVault, although its underlying encrypted disk image technology can be used for this purpose via Apple's Disk Utility Application, included in the standard installation of OS X.

Several shortcomings have been identified in FileVault's use of cryptography, such as the use of the CBC mode of operation which can lead to watermarking attacks, reliance on 1024-bit RSA and 3DES-EDE which have an effective key size below that of 128-bit AES, and unsafe storage of keys in the Mac OS X "safe sleep" mode.cite paper |author=Jacob Appelbaum, Ralf-Philipp Weinmann |date=2006-12-29 |title=Unlocking FileVault: An Analysis of Apple's disk encryption |url=http://crypto.nsa.org/vilefault/23C3-VileFault.pdf |format=PDF |accessdate=2007-03-31 ]

FileVault-protected accounts can be migrated from an older Mac to a newer one with some limitations and only as long the new machine has no existing user accounts -- otherwise, FileVault needs to be turned off during the migration, or the OS first needs to be reinstalled on the newer Mac. [ [http://docs.info.apple.com/article.html?artnum=25773#faq7 Mac OS X 10.3, 10.4: Transferring data with Setup Assistant / Migration Assistant FAQ ] ]

A study published in 2008 found data remanence in dynamic random access memory (DRAM), with data retention of seconds to minutes at room temperature and much longer times when memory chips were cooled to low temperature. The study authors were able to use a cold boot attack to recover cryptographic keys for several popular disk encryption systems, including FileVault, by taking advantage of redundancy in the way keys are stored after they have been expanded for efficient use, such as in key scheduling. The authors recommend that computers be powered down, rather than be left in a "sleep" state, when not in physical control by the owner. [cite paper|title=Lest We Remember: Cold Boot Attacks on Encryption Keys|author=J. Alex Halderman, et al.|date=February 2008|url=http://citp.princeton.edu.nyud.net/pub/coldboot.pdf]

Not all features of the Time Machine backup facility work when it is used in conjunction with FileVault in Mac OS 10.5. For example, a single file cannot be restored from the archive using the Time Machine interface; only restoring the entire FileVault is possible. Single files can however be restored manually using the Finder.

On 31 July, 2008, Brian Krebs posts on his Washington Post blog, that Charles Edge, an American researcher from Georgia, found a security hole in FileVault and had to withdraw from a speech about it at the Black Hat Security conference. [ [http://voices.washingtonpost.com/securityfix/2008/07/black_hat_talk_on_apple_encryp_1.html] ]

ee also

*Apple Keychain

References

External links


Wikimedia Foundation. 2010.

Игры ⚽ Нужен реферат?

Look at other dictionaries:

  • FileVault — ist eine Funktion von Mac OS X zum Verschlüsseln von persönlichen Daten. Es ist seit Mac OS X 10.3 standardmäßig im Lieferumfang enthalten und verschlüsselt das Benutzerverzeichnis unter Verwendung von AES 128. FileVault verschlüsselte zunächst… …   Deutsch Wikipedia

  • FileVault — est un système de protection des fichiers sur les ordinateurs Macintosh (Apple). On le trouve depuis la version Mac OS X v10.3 ( Panther ) et suivants. FileVault utilise un système de fichiers chiffré qui est monté et démonté à la connexion et… …   Wikipédia en Français

  • FileVault — FileVault  система шифрования файлов, встроенная в Mac OS X. Шифрует домашний каталог пользователя при помощи AES с длиной ключа 128 бит. Ключ шифрования вырабатывается на основе пароля пользователя (алгоритм PBKDF2, 1000 итераций[1]). Также …   Википедия

  • FileVault — ● np. m. tm? ►APPLE Service de chiffrement à la volée des données privées des utilisateurs sous MacOS X à partir de la version 10.3. L algorithme utilisé est AES 128 …   Dictionnaire d'informatique francophone

  • Comparison of disk encryption software — This is a technical feature comparison of different disk encryption software. Contents 1 Background information 2 Operating systems 3 Features 4 Layering …   Wikipedia

  • Mac OS X — OSX redirects here. For other uses, see OSX (disambiguation). Mac OS X …   Wikipedia

  • Mac OS X Lion — Mac OS X v10.7 Lion Part of the Mac OS X family …   Wikipedia

  • Time Machine (Software) — Time Machine Entwickler: Apple Inc. Betriebssystem: Mac OS X 10.5 Kategorie: Datensicherung Lizenz: proprietär …   Deutsch Wikipedia

  • Mac OS X — Parte de la familia BSD[1] [2] [3] …   Wikipedia Español

  • Migration Assistant (Apple) — Migration Assistant Migration Assistant s summary window …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”