Re: [Fed-Talk] Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption
Re: [Fed-Talk] Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption
- Subject: Re: [Fed-Talk] Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption
- From: "Miller, Timothy J." <email@hidden>
- Date: Mon, 27 Aug 2012 14:47:49 +0000
- Thread-topic: [Fed-Talk] Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption
Don't panic. :)
The paper simply presents the reverse-engineering of the key schedule and
how FV2 handles encrypted data. Interesting, but not a crack. That a FV2
VMK is resident is memory (after bootstrap) is a "no duh" finding, and
even the authors note it's not solved (nor is it solvable--the FS driver
needs the master key, or you don't get your data). Additional obfuscation
of the in-memory key, IMHO, is not a barrier worth a lot of time.
FV2 security still rests on the user's password quality and secrecy.
-- T
On 8/27/12 9:31 AM, "Pike, Michael (IHS/HQ)" <email@hidden> wrote:
>How can this be???
>
>Schroeder and others assured me it was not crackable. Not even by NSA.
>
>Mike
>
>Sent via my iOS 6 Device
>
>On Aug 27, 2012, at 8:04 AM, "Jeffrey Walton" <email@hidden> wrote:
>
>> http://eprint.iacr.org/2012/374.pdf
>>
>> Abstract
>>
>> With the launch of Mac OS X 10.7 (Lion), Apple has introduced a volume
>> encryption mechanism known as FileVault 2. Apple only disclosed
>> marketing aspects of the closed-source software, e.g. its use of the
>> AES-XTS tweakable encryption, but a publicly available security
>> evaluation and detailed description was unavailable until now.
>>
>> We have performed an extensive analysis of FileVault 2 and we have
>> been able to find all the algorithms and parameters needed to
>> successfully read an encrypted volume. This allows us to perform
>> forensic investigations on encrypted volumes using our own tools.
>>
>> In this paper we present the architecture of FileVault 2, giving
>> details of the key derivation, encryption process and metadata
>> structures needed to perform the volume decryption. Besides the
>> analysis of the system, we have also built a library that can mount a
>> volume encrypted with FileVault 2. As a contribution to the research
>> and forensic communities we have made this library open source.
>>
>> Additionally, we present an informal security evalua- tion of the
>> system and comment on some of the design and implementation features.
>> Among others we analyze the random number generator used to create the
>> recovery password. We have also analyzed the entropy of each 512-byte
>> block in the encrypted volume and discovered that part of the user
>> data was left unencrypted.
>> ...
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Fed-talk mailing list (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden
>
> _______________________________________________
>Do not post admin requests to the list. They will be ignored.
>Fed-talk mailing list (email@hidden)
>Help/Unsubscribe/Update your Subscription:
>
>This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden