Re: [Fed-Talk] OS X 10.4.9 Things - Backdoor to Encrypted Drive ImageFiles
Re: [Fed-Talk] OS X 10.4.9 Things - Backdoor to Encrypted Drive ImageFiles
- Subject: Re: [Fed-Talk] OS X 10.4.9 Things - Backdoor to Encrypted Drive ImageFiles
- From: Paul Nelson <email@hidden>
- Date: Wed, 14 Mar 2007 17:57:43 -0500
- Thread-topic: [Fed-Talk] OS X 10.4.9 Things - Backdoor to Encrypted Drive ImageFiles
Title: Re: [Fed-Talk] OS X 10.4.9 Things - Backdoor to Encrypted Drive ImageFiles
If you change the key for the disk image, you must decrypt the entire image and re-encrypt it using the new key.
This might be impossible if the user does not have enough disk space.
So, IF you think you need to change the key on an encrypted drive, then you must be able to invent a suitable and sturdy method for doing this. This problem has nothing to do with cryptography.
Also, if you change the disk’s encryption key, you must use PKI to allow the master key to be updated. I think Apple uses PKI for the master key. This would allow a user to turn on file vault without needing to know the master password.
I don’t think Apple changes the key on a file vault disk when the user changes their password.
BTW, if you were going to put a back door into file vault, the best way to do it would be to ship a public key that is used to wrap each file vault volume’s secret key when the volume is created or a re-keying scheme is implemented. Some govt agency would then be able to obtain the private key from Apple (once), and use it on a whim. Again, this has nothing to do with putting a back door into any crypto software (I mean the cryptographic service providers).
Paul Nelson
Thursby Software Systems, Inc.
on 3/14/07 5:28 PM, Michael Pike at email@hidden wrote:
According to Apple's website the AES128 encryption methods would take a few billion years.. but as you said, the encryption wrapper (in this case being Apple's keychain) is the weak link, and that is what makes me paranoid... I started getting suspicious when I had a FileVault enabled system and could change my password yet the disk did not have to be re-encrypted... so even though I change the "key" I use... the disk itself used the same key all along... hence portable disk images are more secure IMHO... when a secure disk image is generated, SUPPOSEDLY the 128 bit key is randomly generated at that moment... thereby making the disk image decryption key change anytime a new one is generated... however, it's still the same old Apple Keychain wrapper....
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden