Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

What encryption use FileVault in HighSierra?

cyberblood

cyberblood

macrumors newbie
Original poster
Aug 19, 2017
10
0
Hi,

I'd like to know what encryption use FileVault in High Sierra?
In Sierra it's AES128, I hope they switch to AES256, thanks to the new Apple File System.
 
J

JoshHarmon

macrumors newbie
Aug 19, 2017
1
0
Not sure, but I will say a couple of things that I believe are related to your underlying concerns: There's little practical difference between the two. AES-256 really only exists because of bureaucratic BS surrounding the standardization of AES. Additionally, there are known issues with AES-192 and AES-256 that decrease the security level to around AES-128's level.

The bottom line: just because the number is bigger doesn't necessarily mean you need it. 128-bit AES is _perfectly_ fine.
 
BLUEDOG314

BLUEDOG314

macrumors 6502
Dec 12, 2015
377
120
The weakest link is going to be your password. The difference is in the number of "rounds" of the AES algorithm data goes through. More rounds will use more cpu time which isn't really an issue anymore with hardware acceleration and speed of modern SSDs. In short, it doesn't matter if you use AES38923490 if your password is a word in the dictionary or your dog's name.
 
kmaute

kmaute

macrumors 6502
Oct 5, 2008
304
3
USA
JoshHarmon said:
Not sure, but I will say a couple of things that I believe are related to your underlying concerns: There's little practical difference between the two. AES-256 really only exists because of bureaucratic BS surrounding the standardization of AES. Additionally, there are known issues with AES-192 and AES-256 that decrease the security level to around AES-128's level.

The bottom line: just because the number is bigger doesn't necessarily mean you need it. 128-bit AES is _perfectly_ fine.
Click to expand...

Source? There's a related key attack but that's not really a risk to consider. Consider that the NSA requires 192 or 256 bit key lengths for Top Secret materials. Only Secret materials can use 128. Granted, no one is going to brute force 128 bit AES but the above is not true.
 
steve62388

steve62388

macrumors 68040
Apr 23, 2013
3,090
1,944
BLUEDOG314 said:
There have been demonstrations of for example AES256 at 11 rounds (not the normal 14) able to be successfully attacked in a much shorter time span than would be expected. I'm not an expert so read some of the examples here:

https://www.schneier.com/blog/archives/2009/07/another_new_aes.html
Click to expand...

At present, there is no known practical attack that would allow someone without knowledge of the key to read data encrypted by AES when correctly implemented.

Source:- https://en.m.wikipedia.org/wiki/Advanced_Encryption_Standard

The article discusses the method you have invoked.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom