Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Does APFS make evicting FV keys redundant? #283

Closed
crichez opened this issue Mar 8, 2018 · 3 comments

Comments

@crichez
Copy link

commented Mar 8, 2018

Apple's File System Programming Guide updated February 20th mentions the following under "File System Basics/Security/Files[...]":

When the user puts the computer to sleep or shuts it down, the decryption keys are destroyed to prevent unauthorized access to the disk’s contents.

The Apple File System Guide also suggests user data is protected even on a decrypted volume:

Multi-key encryption ensures the integrity of user data. Even if someone were to compromise the physical security of the device and gain access to the device key, they still couldn't decrypt the user's files.

I don't know of any technical information to confirm that. Is there precedent for this (file systems that support per-file multi-key encryption)?

@metagoose

This comment has been minimized.

@kylehotchkiss

This comment has been minimized.

Copy link

commented Mar 28, 2018

Not confirming this is true, but if so, this is beautiful. I have been eyeing the filevault key deletion/hibernate option for my laptops knowing how much trouble people have had with it (#124)

@drduh

This comment has been minimized.

Copy link
Owner

commented Jul 7, 2018

Interesting, does anyone have more information or have done an analysis to verify this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
4 participants
You can’t perform that action at this time.