Loop-AES is a module which is intimately tied to the Linux block loopback driver. At the moment, no loop-aes port is available on Mac OS X.
However, the aespipe compiles and runs fine on Mac OS X, and I have used this tool to move data from loop-aes volumes to large (unencrypted) files that I can mount on the Macintosh (provided the encrypted volume used a file system that the Mac can use, hfsplus or vfat).
The Macintosh OS offers a loopback-block-device driver with AES encryption which is very similar in implementation to LUKS-with-dm- crypt on Linux.
You may use GPG-encrypted key in conjunction with hdiutil encrypted volumes to implement multi-factor authentication for your encrypted disk images: # gpg --homedir /Volumes/some-usb-key/gpghome -d /Volumes/some-other- volume/diskKey.gpg | hdiutil attach encrypted-disk.dmg -encryption - stdinpass
Unfortunately, the source code for hdiutil encrypted volumes in not published by Apple (I think), and therefore has not been evaluated. It likely has problems with watermarking attacks - if not worse - that only loop-aes seems to address effectively.
It would be possible to port some of loop-aes to the Mac, I think, but it would need to work within the IOKit framework. Does anyone want to help me with this?
Regards, - boyd Boyd Waters Socorro, New Mexico On Feb 1, 2006, at 9:00 AM, IT3 Stuart Blake Tener, USN wrote:
Mr. Ruusu, et alia:Recently I switched (about a year ago) from using a Windows/ Linux mix to that of an Apple Macintosh running MacOS. This has proved to offer both Unix as well as a reasonable "end user" application mix for me. That said, I like and use the encryption within MacOS but it is not portable to Linux or otheroperating systems.Is there a version of LoopAES that can be compiled and used under MacOSgiven that MacOS is a FreeBSD sub variant? Thanks in advance. -- Very Respectfully, IT3 Stuart Blake Tener, USN Beverly Hills, California Amateur Radio Call Sign: N3GWG (General) email: teners@xxxxxxxxxxx phone: +(1) 310.358.0202 (Beverly Hills, CA) phone: +(1) 215.338.6005 (Philadelphia, PA) Military emails (checked monthly until remote NMCI access is secured) NIPRNET: stuart.tener@xxxxxxxx SIPRNET: NONE NRO: tenerstu (on the GWAN and @NRO.MIL)Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the originalmessage. - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
