The article at http://www.net-security.org/article.php?id=1322 claims
that both are easily broken. I haven't been able to find any public
analyses of Keychain, even though the software is open-source so it's
relatively easy to check. I ran across an analysis of File Vault not
long ago which pointed out some fairly minor nits, but basically
claimed it did what it set out to do.
The article makes a bunch of other claims which aren't obviously
unreasonable.
Anyone one know of more recent analysis of Mac encryption stuff? (OS
bugs/security holes are a whole other story....)
-- Jerry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com