[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-crypto
Subject: Re: LoopAES for MacOS
From: Boyd Waters <bwaters () nrao ! edu>
Date: 2006-02-01 16:26:55
Message-ID: 5EE935C2-A45F-4B6D-BDBC-DF4A096D60A9 () nrao ! edu
[Download RAW message or body]
I am also a Mac user after years of hard-core Linux use. I still use
a loop-aes Linux server as a backup/rsync server for the Macintosh
desktop clients.
Loop-AES is a module which is intimately tied to the Linux block
loopback driver. At the moment, no loop-aes port is available on Mac
OS X.
However, the aespipe compiles and runs fine on Mac OS X, and I have
used this tool to move data from loop-aes volumes to large
(unencrypted) files that I can mount on the Macintosh (provided the
encrypted volume used a file system that the Mac can use, hfsplus or
vfat).
The Macintosh OS offers a loopback-block-device driver with AES
encryption which is very similar in implementation to LUKS-with-dm-
crypt on Linux.
You may use GPG-encrypted key in conjunction with hdiutil encrypted
volumes to implement multi-factor authentication for your encrypted
disk images:
# gpg --homedir /Volumes/some-usb-key/gpghome -d /Volumes/some-other-
volume/diskKey.gpg | hdiutil attach encrypted-disk.dmg -encryption -
stdinpass
Unfortunately, the source code for hdiutil encrypted volumes in not
published by Apple (I think), and therefore has not been evaluated.
It likely has problems with watermarking attacks - if not worse -
that only loop-aes seems to address effectively.
It would be possible to port some of loop-aes to the Mac, I think,
but it would need to work within the IOKit framework. Does anyone
want to help me with this?
Regards,
- boyd
Boyd Waters
Socorro, New Mexico
On Feb 1, 2006, at 9:00 AM, IT3 Stuart Blake Tener, USN wrote:
> Mr. Ruusu, et alia:
>
> Recently I switched (about a year ago) from using a Windows/
> Linux mix to
> that of an Apple Macintosh running MacOS. This has proved to offer
> both Unix
> as well as a reasonable "end user" application mix for me. That
> said, I like
> and use the encryption within MacOS but it is not portable to Linux
> or other
> operating systems.
>
> Is there a version of LoopAES that can be compiled and used
> under MacOS
> given that MacOS is a FreeBSD sub variant?
>
> Thanks in advance.
>
>
> --
>
> Very Respectfully,
>
> IT3 Stuart Blake Tener, USN
> Beverly Hills, California
> Amateur Radio Call Sign: N3GWG (General)
> email: teners@bh90210.net
> phone: +(1) 310.358.0202 (Beverly Hills, CA)
> phone: +(1) 215.338.6005 (Philadelphia, PA)
>
> Military emails (checked monthly until remote NMCI access is secured)
> NIPRNET: stuart.tener@navy.mil
> SIPRNET: NONE
> NRO: tenerstu (on the GWAN and @NRO.MIL)
>
> Confidentiality Notice: This e-mail message, including any
> attachments, is
> for the sole use of the intended recipient(s) and may contain
> confidential
> and/or privileged information. Any unauthorized review, use,
> disclosure or
> distribution is prohibited. If you are not the intended recipient,
> please
> contact the sender by reply e-mail and destroy all copies of the
> original
> message.
>
>
>
>
> -
> Linux-crypto: cryptography in and on the Linux system
> Archive: http://mail.nl.linux.org/linux-crypto/
["smime.p7s" (application/pkcs7-signature)]
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic