Are there any public audits of the disk level encryption in Mac OS X Lion?

macos encryption

As a rule, one should never trust closed source cryptography software, but encrypting external drives and Time Machine backups has become quite convenient in Mac OS X Lion. Is that specific code available anyplace? Or has anyone audited it seriously?


Solution 1:

According to a public talk by Rich Trouton, FileVault 2 is not FIPS 140-2 validated, but "Apple's new Common Crypto implementation is just starting to undergo FIPS evaluation"

The code itself for Common Crypto is available at http://www.opensource.apple.com/ and has been all the way back to 10.4 (where I got tired of checking revisions - it probably goes back even further, but what matters is the code shipped in Lion which is available for all three lion releases 10.7, 10.7.1 and 10.7.2)

Solution 2:

It looks like the FIPS validation is proceeding, with iOS 5's CommonCrypto being validated first and then Lion's.

http://csrc.nist.gov/groups/STM/cavp/documents/aes/aesval.html

Entries 1672 - 1677 at the NIST link above are for CommonCrypto in iOS 5 for the various iDevices. It also appears that Apple is revalidating the now-deprecated Common Data Security Architecture (CDSA) cryptographic framework for Lion as of 11/17/2011 (entry 1872 in the link above.)

Related

Can I use 2 iPads at the same time for synchronized music making? What about with the same app?
Securely erase deleted files?
How can I type the "@" symbol via remote desktop with a Swedish keyboard?
What is a PPP server, and why do I keep getting disconnected from it?
Are non-unibody MacBook Pros capable of Lion's 3 and 4 finger multi-touch gestures?
Cannot log in on Youtube iPad app
Do Mac Pros use NUMA?
Files Renamed in Finder not Reflected in iTunes?
How can I navigate any directory in Finder?
Shutting down running apps in iOS
Ways to retain old App version
Are the latest iPod Nanos running iOS?