Abstract
This paper describes the first security evaluation of FileVault 2, a volume encryption mechanism that was introduced in Mac OS X 10.7 (Lion). The evaluation results include the identification of the algorithms and data structures needed to successfully read an encrypted volume. Based on the analysis, an open-source tool named libfvde was developed to decrypt and mount volumes encrypted with FileVault 2. The tool can be used to perform forensic investigations on FileVault 2 encrypted volumes. Additionally, the evaluation discovered that part of the user data was left unencrypted; this was subsequently fixed in the CVE-2011-3212 operating system update.
Chapter PDF
Similar content being viewed by others
References
Apple, Source Browser, Cupertino, California ( opensource.apple.com/source/xnu/xnu-1699.24.8/bsd/dev/random ), 2010.
Apple, About the security content of OS X Lion v10.7.2 and security update 2011-006, Cupertino, California ( support.apple.com/kb/HT5002 ), 2011.
B. Carrier, File System Forensic Analysis, Pearson Education, Upper Saddle River, New Jersey, 2005.
Check Point Software Technologies, Check Point Full Disk Encryption, San Carlos, California ( www.checkpoint.com/products/full-disk-encryption ), 2013.
O. Choudary and J. Metz, libfvde: Library and tools to access FileVault Drive Encryption (FVDE) encrypted volumes ( code.google.com/p/libfvde ), 2013.
Dell, Credant Enterprise Edition for Mac, Round Rock, Texas ( www.credant.com/products/cmg-enterprise-edition/cmg-enterprise-edition-for-mac.html ), 2013.
M. Dornseif, Owned by an iPod, presented at the PacSec Conference, 2004.
L. Dorrendorf, Z. Gutterman and B. Pinkas, Cryptanalysis of the random number generator of the Windows operating system, ACM Transactions on Information and System Security, vol. 13(1), article no. 10, 2009.
N. Ferguson, AES-CBC + Elephant Difusser: A Disk Encryption Algorithm for Windows Vista, Technical Report, Microsoft, Redmond, Washington, 2006.
N. Ferguson and B. Schneier, Practical Cryptography, Wiley, Indianapolis, Indiana, 2003.
C. Fruhwirth, New Methods in Hard Disk Encryption, Theory and Logic Group, Institute for Computer Languages, Vienna University of Technology, Vienna, Austria ( clemens.endorphin.org/nmihde/nmihde-A4-ds.pdf ), 2005.
Z. Gutterman, B. Pinkas and T. Reinman, Analysis of the Linux random number generator, Proceedings of the IEEE Symposium on Security and Privacy, pp. 371–385, 2006.
J. Halderman, S. Schoen, N. Heninger, W. Clarkson, W. Paul, J. Calandrino, A. Feldman, J. Appelbaum and E. Felten, Lest we remember: Cold boot attacks on encryption keys, Communications of the ACM, vol. 52(5), pp. 91–98, 2009.
B. Kalisky, PKCS #5: Password-Based Cryptography Specification Version 2.0, RFC 2898, 2000.
J. Kelsey, B. Schneier and N. Ferguson, Yarrow-160: Notes on the design and analysis of the Yarrow cryptographic pseudorandom number generator, Proceedings of the Sixth International Workshop on Selected Areas in Cryptography, pp. 13–33, 2000.
L. Martin, XTS: A mode of AES for encrypting hard disks, IEEE Security and Privacy, vol. 8(3), pp. 68–69, 2010.
National Institute of Standards and Technology, Specification for the Advanced Encryption Standard (AES), Federal Information Processing Standards Publication 197, Gaithersburg, Maryland, 2001.
K. Raeburn, Advanced Encryption Standard (AES) Encryption for Kerberos 5, RFC 3962, 2005.
P. Rogaway, Efficient instantiations of tweakable block ciphers and refinements to modes OCB and PMAC, Proceedings of the Tenth International Conference on the Theory and Application of Cryptology and Information Security, pp. 16–31, 2004.
J. Schaad and R. Housley, Advanced Encryption Standard (AES) Key Wrap Algorithm, RFC 3394, 2002.
Sophos, SafeGuard Enterprise, Abingdon, United Kingdom ( www.sophos.com/en-us/products/encryption/safeguard-enterprise.aspx ), 2013.
Symantec, Symantec Drive Encryption, Mountain View, California ( www.symantec.com/drive-encryption ), 2013.
TrueCrypt Foundation, TrueCrypt ( www.truecrypt.org ), 2012.
WinMagic, SecureDoc for Mac, Mississauga, Canada ( www.winma gic.com/products/full-disk-encryption-for-mac ), 2013.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 IFIP International Federation for Information Processing
About this paper
Cite this paper
Choudary, O., Grobert, F., Metz, J. (2013). Security Analysis and Decryption of Filevault 2. In: Peterson, G., Shenoi, S. (eds) Advances in Digital Forensics IX. DigitalForensics 2013. IFIP Advances in Information and Communication Technology, vol 410. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41148-9_23
Download citation
DOI: https://doi.org/10.1007/978-3-642-41148-9_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-41147-2
Online ISBN: 978-3-642-41148-9
eBook Packages: Computer ScienceComputer Science (R0)