Security of Mac Keychain, Filevault
Jerry Leichter
leichter at lrw.com
Mon Nov 2 15:25:53 EST 2009
On Nov 1, 2009, at 10:32 PM, Steven Bellovin wrote:
>
> On Oct 29, 2009, at 11:25 PM, Jerry Leichter wrote:
>
>> A couple of days ago, I pointed to an article claiming that these
>> were easy to break, and asked if anyone knew of security analyses
>> of these facilities.
>>
>> I must say, I'm very disappointed with the responses. Almost
>> everyone attacked the person quoted in the article. The attacks
>> they assumed he had in mind were unproven or unimportant or
>> insignificant. Gee ... sounds *exactly* like the response you get
>> from companies when someone finds a vulnerability in their
>> products: It's not proven; who is this person anyway; even if
>> there is an attack, it isn't of any practical importance.
>
> Unfortunately, there's no better response here.
>
> At time T, someone will assert that "X is insecure", and that
> products exist -- commercial and freeware -- to crack it. This
> person supplies no evidence except for an incomplete list of
> products to support the assertion. What do I now know that I didn't
> know before?...
A couple of others wrote to me privately with the same general thought.
I see I'm still not managing to make my point. Suppose the world were
as in the following diagram:
People who say they've looked People who claim Keychain can be
Keychain and believe it's good broken easily
---------------------------------------------------------------------------------------------------------------------
Apple Some unknown guy who sells
Adi Shamir products for analyzing Macs
Neils Ferguson
Bruce Schneier
Steven Bellovin
John Gilmore
Perry Metzger
Then I'd agree that there's not much to talk about. But that doesn't
happen to be the world we live in. Instead, the world we live in is
described by the following diagram:
People who say they've looked People who claim Keychain can be
Keychain and believe it's good broken easily
---------------------------------------------------------------------------------------------------------------------
Apple Some unknown guy who sells
products for analyzing Macs
Now, this isn't all that different from the following world:
People who say they've looked People who claim Keychain can be
Keychain and believe it's good broken easily
---------------------------------------------------------------------------------------------------------------------
Apple
- though to assert it's *identical* when we have *no* information
about the person making the claim is a bit much. Having *no*
reputation isn't the same as having a reputation for being a shill or
an incompetent.
But even in *this* last world ... doesn't it bother people that all we
have is a "trust us" from Apple? Yes, as I acknowledged, Apple's
track record is pretty good here - but it's *not* unblemished.
I've actually tried to look at Keychain, but most of the guts are
built on the Apple crypto provider framework, which is quite a large
collection of code to digest with no previous knowledge. So I didn't
get anywhere interesting in the time I was in a position to invest.
I've been referring specifically to Keychain, about which there
appears to be nothing at all published. But the situation is only
slightly better - a single 2+ year old paper - for encrypted disk
images in general an Filevault in particular. And it's also the same
for iPhone's and iPod Touches, which are regularly used to hold
passwords (for mail, at the least).
-- Jerry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list