Re: Security of Mac Keychain, File Vault
On Oct 24, 2009, at 5:31 PM, Jerry Leichter wrote: The article at http://www.net-security.org/article.php?id=1322 claims that both are easily broken. I haven't been able to find any public analyses of Keychain, even though the software is open-source so it's relatively easy to check. I ran across an analysis of File Vault not long ago which pointed out some fairly minor nits, but basically claimed it did what it set out to do. The article makes a bunch of other claims which aren't obviously unreasonable. Anyone one know of more recent analysis of Mac encryption stuff? (OS bugs/security holes are a whole other story) The article specifically mentions Mac Marshall for attacking FileVault, but from the descriptions of it I can find it's just doing password guessing. --Steve Bellovin, http://www.cs.columbia.edu/~smb - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Security of Mac Keychain, File Vault
On Oct 24, 2009, at 5:31 PM, Jerry Leichter wrote: The article at http://www.net-security.org/article.php?id=1322 claims that both are easily broken. I haven't been able to find any public analyses of Keychain, even though the software is open-source so it's relatively easy to check. I ran across an analysis of File Vault not long ago which pointed out some fairly minor nits, but basically claimed it did what it set out to do. The white paper for Mac Marshal (http://macmarshal.atc-nycorp.com/mac/MacMarshal_WhitePaper_102.pdf ) leads me to believe that the so-called vulnerability in File Vault is that the encryption is based on the user's chosen login password: So, FileVault is not as secure as simple 128-bit AES. Any means of obtaining the user’s login password or the FileVault Master recovery keychain will allow access to the FileVault image. Does this surprise anyone? -Greg - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Security of Mac Keychain, File Vault
Jerry Leichter wrote: The article at http://www.net-security.org/article.php?id=1322 claims that both are easily broken. I haven't been able to find any public analyses of Keychain, even though the software is open-source so it's relatively easy to check. I ran across an analysis of File Vault not long ago which pointed out some fairly minor nits, but basically claimed it did what it set out to do. The article makes a bunch of other claims which aren't obviously unreasonable. Anyone one know of more recent analysis of Mac encryption stuff? (OS bugs/security holes are a whole other story) The last page of the article has references and this: MacMarshal. The best Mac tool I ve seen so far, it is right now the number 1 Mac tool. MacMarshall can parse user account information , Address Book, Safari, iChat, and can even crack File Vault. This is free to Law Enforcement. But on another page we find: http://www.macosxforensics.com/Analysis/CrackingFileVault/CrackingFileVault.html Cracking FileVault is a bit of a misnomer. As of this writing, here is not a known flaw in the 128 bit AES encryption that is being used. When attempting to open a FileVault encrypted Home directory, there are two methods which can be used: Brute Force Brute Force with a dictionary attack [...] Much faster utilities such as crowbarDMG and Mac Marshal are now available which will give you speeds Spartan will never attain in its current form. So, this seems to be all about dictionary attacks. More troublesome is the claim by the forensic expert that the best tool to analyze a mac filesystem is a mac, which he just proclaimed as insecure. This calls for a disaster: A trojan that targets forensic examiners... - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: US crypto/munitions again?
http://www.ddj.com/linux-open-source/220800130 Status quo. /r$ -- STSM, WebSphere Appliance Architect https://www.ibm.com/developerworks/mydeveloperworks/blogs/soma/ - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com