[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-crypto
Subject:    Re: LoopAES for MacOS
From:       Boyd Waters <bwaters () nrao ! edu>
Date:       2006-02-01 16:26:55
Message-ID: 5EE935C2-A45F-4B6D-BDBC-DF4A096D60A9 () nrao ! edu
[Download RAW message or body]

I am also a Mac user after years of hard-core Linux use. I still use  
a loop-aes Linux server as a backup/rsync server for the Macintosh  
desktop clients.

Loop-AES is a module which is intimately tied to the Linux block  
loopback driver. At the moment, no loop-aes port is available on Mac  
OS X.

However, the aespipe compiles and runs fine on Mac OS X, and I have  
used this tool to move data from loop-aes volumes to large  
(unencrypted) files that I can mount on the Macintosh (provided the  
encrypted volume used a file system that the Mac can use, hfsplus or  
vfat).

The Macintosh OS offers a loopback-block-device driver with AES  
encryption which is very similar in implementation to LUKS-with-dm- 
crypt on Linux.

You may use GPG-encrypted key in conjunction with hdiutil encrypted  
volumes to implement multi-factor authentication for your encrypted  
disk images:
# gpg --homedir /Volumes/some-usb-key/gpghome -d /Volumes/some-other- 
volume/diskKey.gpg | hdiutil attach encrypted-disk.dmg -encryption - 
stdinpass

Unfortunately, the source code for hdiutil encrypted volumes in not  
published by Apple (I think), and therefore has not been evaluated.  
It likely has problems with watermarking attacks - if not worse -  
that only loop-aes seems to address effectively.

It would be possible to port some of loop-aes to the Mac, I think,  
but it would need to work within the IOKit framework. Does anyone  
want to help me with this?

Regards,

- boyd
Boyd Waters
Socorro, New Mexico


On Feb 1, 2006, at 9:00 AM, IT3 Stuart Blake Tener, USN wrote:

> Mr. Ruusu, et alia:
>
>     Recently I switched (about a year ago) from using a Windows/ 
> Linux mix to
> that of an Apple Macintosh running MacOS. This has proved to offer  
> both Unix
> as well as a reasonable "end user" application mix for me. That  
> said, I like
> and use the encryption within MacOS but it is not portable to Linux  
> or other
> operating systems.
>
>     Is there a version of LoopAES that can be compiled and used  
> under MacOS
> given that MacOS is a FreeBSD sub variant?
>
>     Thanks in advance.
>
>
> -- 
>
> Very Respectfully,
>
> IT3 Stuart Blake Tener, USN
> Beverly Hills, California
> Amateur Radio Call Sign: N3GWG (General)
> email: teners@bh90210.net
> phone: +(1) 310.358.0202 (Beverly Hills, CA)
> phone: +(1) 215.338.6005 (Philadelphia, PA)
>
> Military emails (checked monthly until remote NMCI access is secured)
> NIPRNET: stuart.tener@navy.mil
> SIPRNET: NONE
> NRO: tenerstu (on the GWAN and @NRO.MIL)
>
> Confidentiality Notice: This e-mail message, including any  
> attachments, is
> for the sole use of the intended recipient(s) and may contain  
> confidential
> and/or privileged information. Any unauthorized review, use,  
> disclosure or
> distribution is prohibited. If you are not the intended recipient,  
> please
> contact the sender by reply e-mail and destroy all copies of the  
> original
> message.
>
>
>
>
> -
> Linux-crypto:  cryptography in and on the Linux system
> Archive:       http://mail.nl.linux.org/linux-crypto/


["smime.p7s" (application/pkcs7-signature)]
-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

[prev in list] [next in list] [prev in thread] [next in thread]