2012 Reports : Cryptology ePrint Archive Forum
Discussion forum for Cryptology ePrint Archive reports posted in 2012. Please put the report number in the subject.
2012/374 encryption of hibernatefile (sleepimage) with and without Core Storage in OS X
Posted by: grahamperrin (IP Logged)
Date: 19 July 2012 07:52
Encryption of hibernatefile with Core Storage
=============================================
> 4.2 Plaintext bits in encrypted volume
CVE-2011-3212
[cve.mitre.org]
is mentioned in the following Apple articles:
HT5002
[support.apple.com]
HT5281
[support.apple.com]
Encryption of hibernatefile without Core Storage
================================================
From Apple's current manual page for pmset(8):
>> hibernatefile - change hibernation image file location.
>> Image may only be located on the root volume.
>> Please use caution. (value = path)
[developer.apple.com]
Preliminary test results show that whilst the man page directs the user to locate the image file on the root volume, it is possible to both:
a) locate the file elsewhere (say, a JHFS+ Apple_HFS slice alongside the Apple_CoreStorage slice that is used to encrypt OS X); and
b) successfully wake from hibernation.
A question arises:
* whether encryption applies to a hibernatefile that is not on the root volume.
Edited 2 time(s). Last edit at 19-Jul-2012 08:08 by grahamperrin.
=============================================
> 4.2 Plaintext bits in encrypted volume
CVE-2011-3212
[cve.mitre.org]
is mentioned in the following Apple articles:
HT5002
[support.apple.com]
HT5281
[support.apple.com]
Encryption of hibernatefile without Core Storage
================================================
From Apple's current manual page for pmset(8):
>> hibernatefile - change hibernation image file location.
>> Image may only be located on the root volume.
>> Please use caution. (value = path)
[developer.apple.com]
Preliminary test results show that whilst the man page directs the user to locate the image file on the root volume, it is possible to both:
a) locate the file elsewhere (say, a JHFS+ Apple_HFS slice alongside the Apple_CoreStorage slice that is used to encrypt OS X); and
b) successfully wake from hibernation.
A question arises:
* whether encryption applies to a hibernatefile that is not on the root volume.
Edited 2 time(s). Last edit at 19-Jul-2012 08:08 by grahamperrin.
Please log in for posting a message. Only registered users may post in this forum.