
Rockman413

Hi,

If I use Disk Utility to format a hard drive with encryption, yes, it will then require a password to access the files. But if the hard drive itself got stolen, and someone uses a dictionary to try all possibilities of combinations of words, letters, numbers, etc., yes, it may take a very long time, but eventually he can succeed, because there's no protection such as the iPhone's 10 chances of inputting the PIN.

Am I correct about this?

P.S. It seems WD's or Samsung's or many other manufacturers' security software faces the same situation.
 
That’s why you need to choose a good encryption key.

If the drive is stolen, even if I have a good encryption key, someone can still try all possibilities of a dictionary to open it. It's just a matter of time, is it?
 
I don’t think you fully comprehend how long it would take. Also, your password isn’t actually the key to decrypt it, at least on a T2-enabled Mac. It’s your password combined with a hardware hash from the T2 chip.
If we use a high-performance computer with several Titan GPUs for attempting passwords, you’d still be looking at a time span nearing the heat death of the universe to brute force the encryption.
 
If you have a good passphrase, then "it's just a matter of time" should be an improbably long time using improbable amounts of computers, like millions of years using the entire computing power of the planet.

The passphrase used in FileVault 2 undergoes a computation that takes a certain amount of time. That computation is intentionally designed to be non-trivial to perform. That's just one step in the encryption and key management.

There's an earlier thread that asks about FileVault 2 encryption. It contains some links to a technical explanation of what the FV2 encryption does. That paper requires some knowledge of cryptography and file-systems, and might be incomprehensible otherwise.
 
Thank you both! Very helpful.

For FileVault 2, I know it protects the Mac's internal drive, but does it also protect an external portable drive?
 
FV2 must be enabled on each drive you want encrypted.

Enabling it on the internal drive has no effect on any external drives.
 
Will FV2 somehow slow the speed of the drive?

If I use Disk Utility to format a drive with encryption, then with FV2 turned on, do I need 2 passwords to access this drive?
 
The encrypted drive speed will depend on the computer it's attached to. More recent models are better at handling encryption.

I can't answer the Disk Utility question. It may depend on the OS version.
 
Got it. Do you guys know if there's a way to let the Mac auto-lock the device if there are too many attempts, just like iOS?
FV2 must be enabled on each drive you want encrypted.

Enabling it on the internal drive has no effect on any external drives.

I attached my portable drive but only see "file vault is turned off for "my local internal drive name"" and I can turn on the FV, but it seems it's only applying to the local drive, not the portable drive?
 
I don’t think you fully comprehend how long it would take. Also, your password isn’t actually the key to decrypt it, at least on a T2-enabled Mac. It’s your password combined with a hardware hash from the T2 chip.
If we use a high-performance computer with several Titan GPUs for attempting passwords, you’d still be looking at a time span nearing the heat death of the universe to brute force the encryption.

Heat death of the universe... Haha, I like your way of metaphor.
But I wonder, then, why do those email account websites require a verification code that you input according to the letters shown, or another kind of verification, since it can take so long?
 
That's actually a common turn of phrase in the cryptography community, but thank you :p

Email account website? You mean any generic 2FA/MFA system? Like Apple also uses for logging in from an unknown source?
Well, the short answer is that there are many layers to security, and you're only as well protected as your weakest entry point. With something like an encrypted drive, as I mentioned, it will not only be encrypted with your password, but also hardware keys and such that the system will consistently be able to unlock but which are difficult for an attacker to bypass. If a system can only really use your password and not much else, the time to crack falls. If it's a password that you use on other login pages as well, your security has already fallen to the weakest of all those sites. And if it is just a password hash and it's not a very random password, you don't need to brute force every combination; you can rely on common password traits to speed up cracking most passwords.
And in the case of Apple's system at least, it's actually a step above that in terms of cleverness (though there may be more equally clever systems as well). The MFA key that's sent to a trusted device is derived from the hardware key trusted on that device (or a pseudo-random equivalent). It's a key that allows a further exchange to happen, such that things locked with another device's hardware key can, in combination with your Apple ID, in fact be unlocked with the newly trusted device as well. Lots of complicated math involved that I don't even fully understand yet, but perhaps on the master's degree ;).

In short though, because there's many different security systems and not all are created equal. Encrypting something on device is also very different to encrypting something that is to be sent over a network.
 
If the drive is stolen, even if I have a good encryption key, someone can still try all possibilities of a dictionary to open it. It's just a matter of time, is it?
No, because the number of possibilities is infinite. Let’s say you use an arbitrary 24-character key. Each character can be any of nearly 100 possibilities. Then the number of possible keys is 100^24, which written out is 1,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000. Every character above 24 adds two more 00s.
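
The replies above about FileVault 2's deliberately slow passphrase computation and about the 100^24 keyspace can be put into numbers. The sketch below is an added example, not part of the thread or of Apple's code: it uses PBKDF2-HMAC-SHA256 as a stand-in key-stretching function, and the iteration count and attacker parallelism are assumed values chosen only for illustration.

```python
import hashlib
import math
import os
import time

SECONDS_PER_YEAR = 365.25 * 24 * 3600

def keyspace_bits(alphabet_size, length):
    """Bits of entropy in a uniformly random secret of `length` symbols."""
    return length * math.log2(alphabet_size)

def measure_kdf_seconds(iterations, trials=3):
    """Best-of-N wall time for one PBKDF2-HMAC-SHA256 derivation on this machine."""
    salt = os.urandom(16)
    best = math.inf
    for _ in range(trials):
        start = time.perf_counter()
        hashlib.pbkdf2_hmac("sha256", b"constructed passphrase", salt, iterations)
        best = min(best, time.perf_counter() - start)
    return best

def guesses_per_second(kdf_seconds, parallel_units):
    """Offline guess rate when every guess costs one full KDF run."""
    return parallel_units / kdf_seconds

def years_to_search(alphabet_size, length, rate, fraction=0.5):
    """Years to try `fraction` of the keyspace (0.5 = average case)."""
    # Work in log10 so very large keyspaces do not overflow a float.
    log10_years = (length * math.log10(alphabet_size) + math.log10(fraction)
                   - math.log10(rate) - math.log10(SECONDS_PER_YEAR))
    return math.inf if log10_years > 300 else 10 ** log10_years

if __name__ == "__main__":
    ITERATIONS = 200_000      # assumed work factor, not FileVault's real value
    PARALLEL_UNITS = 10_000   # assumed attacker hardware, for illustration
    rate = guesses_per_second(measure_kdf_seconds(ITERATIONS), PARALLEL_UNITS)
    cases = [                 # constructed examples of secret shapes
        ("6-digit PIN", 10, 6),
        ("1 word from a 10,000-word list", 10_000, 1),
        ("4 random words from a 7,776-word list", 7_776, 4),
        ("12 random printable characters", 95, 12),
        ("24 characters, ~100 symbols each", 100, 24),
    ]
    print(f"assumed rate: {rate:,.0f} guesses/second")
    for label, alphabet, length in cases:
        years = years_to_search(alphabet, length, rate)
        print(f"{label:40s} {keyspace_bits(alphabet, length):6.1f} bits  {years:.3g} years")
```

The first two rows show that key stretching alone does not rescue a short or dictionary-based secret, while the last rows show why a long random passphrase stays out of reach even at the assumed guess rate.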
 