Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: [Fed-Talk] Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fed-Talk] Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption

Subject: Re: [Fed-Talk] Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption
From: "Pike, Michael (IHS/HQ)" <email@hidden>
Date: Mon, 27 Aug 2012 14:31:13 +0000
Thread-topic: [Fed-Talk] Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption

How can this be???

Schroeder and others assured me it was not crackable. Not even by NSA.

Mike

Sent via my iOS 6 Device

On Aug 27, 2012, at 8:04 AM, "Jeffrey Walton" <email@hidden> wrote:

> http://eprint.iacr.org/2012/374.pdf
>
> Abstract
>
> With the launch of Mac OS X 10.7 (Lion), Apple has introduced a volume
> encryption mechanism known as FileVault 2. Apple only disclosed
> marketing aspects of the closed-source software, e.g. its use of the
> AES-XTS tweakable encryption, but a publicly available security
> evaluation and detailed description was unavailable until now.
>
> We have performed an extensive analysis of FileVault 2 and we have
> been able to find all the algorithms and parameters needed to
> successfully read an encrypted volume. This allows us to perform
> forensic investigations on encrypted volumes using our own tools.
>
> In this paper we present the architecture of FileVault 2, giving
> details of the key derivation, encryption process and metadata
> structures needed to perform the volume decryption. Besides the
> analysis of the system, we have also built a library that can mount a
> volume encrypted with FileVault 2. As a contribution to the research
> and forensic communities we have made this library open source.
>
> Additionally, we present an informal security evalua- tion of the
> system and comment on some of the design and implementation features.
> Among others we analyze the random number generator used to create the
> recovery password. We have also analyzed the entropy of each 512-byte
> block in the encrypted volume and discovered that part of the user
> data was left unencrypted.
> ...
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

Follow-Ups:
- Re: [Fed-Talk] Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption
  - From: Dave Schroeder <email@hidden>
- Re: [Fed-Talk] Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption
  - From: Todd Heberlein <email@hidden>
- Re: [Fed-Talk] Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption
  - From: "Lamb, John (NIH/NHLBI) [C]" <email@hidden>
- Re: [Fed-Talk] Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption
  - From: "Miller, Timothy J." <email@hidden>

References:
	>[Fed-Talk] Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption (From: Jeffrey Walton <email@hidden>)

Prev by Date: [Fed-Talk] Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption
Next by Date: Re: [Fed-Talk] Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption
Previous by thread: [Fed-Talk] Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption
Next by thread: Re: [Fed-Talk] Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption
Index(es):
- Date
- Thread