How does FileVault work compared to LUKS
I currently use LUKS to encrypt the drive of my Linux computer. I am planning to buy a Mac and want to enable full-disk encryption. With LUKS you will be prompted for your password before the boot.
On macOS I heard you need to use your user password to unlock the disk.
- How does this work in detail?
- The login screen needs to be unencrypted, is it a separate partition then?
- How does the login screen get a list of the users while the disk is still encrypted?
You can find a setup guide for FileVault 2 here:
https://support.apple.com/en-gb/HT204837
When you enable FileVault 2 on your boot drive, an admin user will need to unlock the computer before it can be used. I.e. non-admin users will not be able to unlock and decrypt the drive.
When you turn on the computer, it boots from a separate, non-encrypted partition. That partition holds the decryption software as well as a list of admin users that can unlock the drive. This is done so that the bootup partition can display a startup image similar to a normal login screen with the names and avatars of the users that can unlock the drive.
Note that the unencrypted drive only holds the user names, not passwords, salted hashed passwords or anything like that. The user will need to enter a password that successfully decrypts the decryption key in order to unlock the computer.
In addition to the login password (which is used as a passphrase for one of the keys), you can also choose to enable either a recovery key, which is a 120-bit master password that can be used to decrypt the drive, or the option to allow an AppleID to unlock the drive. This means that you can unlock the drive by logging in to your AppleID which enables you to retrieve the key from Apple's servers. Some like this option for its ease of use, others prefer not to enable it for security reasons.
When you compare FileVault to LUKS, the systems are in principle very similar. However, on a modern Mac with the T2 security chip, you'll find an additional security layer implemented with a Secure Enclave which tries to hinder brute forcing the pass phrase by adding delays, and protects against side-channel attacks on the main CPU as the encryption keys are never in memory on the Intel CPU. You can find further technical details here:
https://www.apple.com/mac/docs/Apple_T2_Security_Chip_Overview.pdf
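As an added example that is not part of the question or the answer above, and not Apple's or cryptsetup's code, here is a simplified model of the "key slot" design that LUKS and FileVault 2 share: one random volume key, wrapped separately under each credential that may unlock it (an enabled admin's login password, a 120-bit recovery key), with the unencrypted header holding only user names and wrapped key material, never passwords or password hashes. The scrypt parameters, the slot layout, and the XOR-with-HMAC keystream plus HMAC tag used as a stand-in for a real authenticated key wrap are all assumptions made so the example runs on the Python standard library; the real on-disk formats differ.

```python
import base64
import hashlib
import hmac
import secrets

# Added example: a simplified model of the key-slot design both LUKS and
# FileVault share. It is NOT Apple's or cryptsetup's real on-disk format;
# the XOR-with-HMAC keystream plus HMAC tag below stands in for a real
# authenticated key wrap (e.g. AES-GCM) so the example runs on the stdlib.

KEY_LEN = 32                                    # volume key size in bytes
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1    # deliberately slow KDF (assumed values)


def derive_kek(secret: bytes, salt: bytes) -> bytes:
    """Turn a login password or recovery key into a key-encryption key (KEK)."""
    return hashlib.scrypt(secret, salt=salt, n=SCRYPT_N, r=SCRYPT_R,
                          p=SCRYPT_P, dklen=KEY_LEN)


def _keystream(kek: bytes, nonce: bytes, length: int) -> bytes:
    """PRF-based keystream: HMAC(kek, "wrap" || nonce || counter) blocks."""
    out = b""
    for counter in range((length + 31) // 32):
        out += hmac.new(kek, b"wrap" + nonce + counter.to_bytes(4, "big"),
                        hashlib.sha256).digest()
    return out[:length]


def wrap_key(kek: bytes, volume_key: bytes) -> tuple:
    """Encrypt-then-MAC the volume key under a KEK; returns (nonce, ct, tag)."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(volume_key, _keystream(kek, nonce, len(volume_key))))
    tag = hmac.new(kek, b"tag" + nonce + ct, hashlib.sha256).digest()
    return nonce, ct, tag


def unwrap_key(kek: bytes, nonce: bytes, ct: bytes, tag: bytes):
    """Return the volume key, or None if the KEK (i.e. the password) is wrong."""
    expected = hmac.new(kek, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(kek, nonce, len(ct))))


class EncryptedVolume:
    """One random volume key, wrapped once per credential allowed to unlock it."""

    def __init__(self):
        self.volume_key = secrets.token_bytes(KEY_LEN)  # lives only in RAM
        # The unencrypted header: slot name -> (salt, nonce, wrapped key, tag).
        # It holds no password and no password hash, only wrapped key material.
        self.slots = {}

    def _add_slot(self, name: str, secret: bytes) -> None:
        salt = secrets.token_bytes(16)
        nonce, ct, tag = wrap_key(derive_kek(secret, salt), self.volume_key)
        self.slots[name] = (salt, nonce, ct, tag)

    def enable_unlock_user(self, username: str, password: str) -> None:
        """An admin enabled for unlock: the pre-boot screen may list this name."""
        self._add_slot(username, password.encode())

    def add_recovery_key(self) -> str:
        """120-bit recovery key, returned once as 24 base32 characters."""
        raw = secrets.token_bytes(15)                   # 15 bytes = 120 bits
        self._add_slot("recovery", raw)
        return base64.b32encode(raw).decode()

    def preboot_user_list(self) -> list:
        """What the unencrypted boot partition can show: names, nothing secret."""
        return sorted(n for n in self.slots if n != "recovery")

    def header_bytes(self) -> bytes:
        """Everything the slots store in clear on disk, concatenated."""
        return b"".join(b"".join(slot) for slot in self.slots.values())

    def unlock(self, name: str, secret: bytes):
        """Pre-boot unlock: returns the volume key or None on failure."""
        if name not in self.slots:          # user not enabled: nothing to try
            return None
        salt, nonce, ct, tag = self.slots[name]
        return unwrap_key(derive_kek(secret, salt), nonce, ct, tag)

    def unlock_with_recovery_key(self, key: str):
        return self.unlock("recovery", base64.b32decode(key.encode()))

    def change_password(self, username: str, old: str, new: str) -> bool:
        """Re-wrap only this slot; the volume key and other slots are untouched."""
        if self.unlock(username, old.encode()) is None:
            return False
        self._add_slot(username, new.encode())
        return True
```

The point the model makes concrete: a non-enabled user has no slot, so there is nothing on the unencrypted partition for them to unlock; a wrong password yields a wrong KEK and the tag check fails rather than producing garbage; and changing a password or adding a recovery key only re-wraps the same volume key, so the data on the encrypted partition never has to be re-encrypted.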