FileVault in Leopard

Advanced Encryption Standard with 128-bit keys (AES-128)

 

And you need 256 for?

 

You are probably looking for something like this.

http://www.pgp.com/products/wholediskencryption/tech_specs.html

perhaps?

*oh nvm, non boot only disks says the faq

of course filevault was never suppose to be whole disk, just user folders. i believe.

 

I thought I did see that Leopard was allowing 256bit encryption for disk images, though. They're not going to support that for FileVault?

 

Yeah under DYI encrypting it does day that Disk Utility does 256-bit AES.
http://www.apple.com/macosx/technology/security.html

 

That's a pretty high mandate. What area does you company work in?

We're financial, so highest possible encryption, where possible.

We're using PGP Whole disk on all laptops, but then again, we're a 100% Windows shop.

 

I can understand everyone's concerns here regarding how brute forcing is becoming more and more easy as processors get faster and faster, but apple really has worse problems with file vault to work out, to begin with, the headers of the blocks in the sparse images used are encrypted with 1024 bit RSA encryption! This is about equivalent to 72 bit AES, this needs to be fixed as important information regarding the key and algorithm are stored in the header. I agree with everyone here that wants a more secure file vault, but upgrading to 256 Bit AES alone for the data encryption is like getting all steel doors and frames for your house, but at the same time leaving a window open.

The NSA did a study on the security of File Vault in Mac OS 10.4 and had many criticisms that had nothing to do with the 128 bit key length.