Normal view

There are new articles available, click to refresh the page.
Before yesterdayMain stream

How keys are used in FileVault and encryption

By: hoakley
25 June 2025 at 14:30

We rely on FileVault and APFS to protect our secrets by encrypting the volumes containing our documents and data. How they do that is a mystery to many, and raises important questions such as the role our passwords play, and how recovery keys work. This article attempts to demystify them.

Naïve encryption

A simple scheme to encrypt a disk or volume might be to take the user password, somehow turn it into a key suitable for the encryption method to be used, and employ that to encrypt and decrypt the data as it’s transferred between disk storage and memory.

There are lots of weaknesses and difficulties with that. Even using a ‘robust’ user password, it’s not going to be memorable, sufficiently long or hard to crack, and there’s no scope for recovery if that password is lost or forgotten.

FileVault base encryption

In Macs with T2 or Apple silicon chips when FileVault is disabled, everything in the Data volume stored on their internal SSD is still encrypted, but without any user password. This is performed in the Secure Enclave, which both handles the keys and performs the encryption/decryption. That ensures the keys used never leave the Secure Enclave, so are as well-protected as possible.

Generating the key used to encrypt the volume, the Volume Encryption Key or VEK, requires two huge numbers, a hardware key unique to that Mac, and the xART key generated by the Secure Enclave as a random number. The former ties the encryption to that Mac, and the latter ensures that an intruder can’t repeat generation of the same VEK even if it does know the hardware key. When you use Erase All Content and Settings (EACAS), the VEK is securely erased, rendering the encrypted data inaccessible, and there’s no means to either recover or recreate it.

This scheme lets the Mac automatically unlock decryption, but doesn’t put that in the control of the user, who therefore needs to enable FileVault to get full protection.

FileVault full encryption

Rather than trying to incorporate a user password or other key into the VEK, like many other encryption systems FileVault does this by encrypting the VEK using a Key Encryption Key or KEK, a process known as wrapping.

filevaultpasswords1

When you enter your FileVault password, that’s passed to the Secure Enclave, where it’s combined with the hardware key to generate the KEK, and that’s then used together with hardware and xART keys to decrypt or unwrap the VEK used for decryption/encryption.

This has several important benefits. As the KEK can be changed without producing a new VEK, the user password can be changed without the contents of the protected volume having to be fully decrypted and encrypted again. It’s also possible to generate multiple KEKs to support the use of recovery keys that can be used to unlock the VEK when the user’s password is lost or forgotten. Institutional keys can be created to unlock multiple KEKs and VEKs where an organisation might need access to protected storage in multiple Macs.

APFS encryption

True FileVault requires all keys to be stored in the Secure Enclave, and never released outside it. Intel Macs without T2 chips, and other protected volumes such as those on external storage can’t use that, and in the case of removable storage need an alternative that stays on the disk. For that, APFS uses the AES Key Wrap Specification in RFC 3394, using a secret such as a password to maintain confidentiality of every key.

APFS also uses separate VEKs and KEKs, so enabling the use of multiple KEKs for a single VEK, and the potential to change a KEK without having to decrypt and re-encrypt the whole volume, as in FileVault. In APFS, VEKs and KEKs are stored in and accessed from Keybags associated with both containers and volumes. The Container Keybag contains wrapped VEKs for each encrypted volume within that container, together with the location of each encrypted volume’s keybag. The Volume Keybag contains one or more wrapped KEKs for that volume, and an optional passphrase hint. These are shown in the diagram below.

apfsencryption1

Apple’s documentation refers to several secrets that can be used to wrap a KEK, including a user password, an individual recovery key, an institutional recovery key, and an unspecified mechanism implemented through iCloud. Currently, for normal software encryption in APFS, only two of those appear accessible: a user password is supported in both Disk Utility and diskutil‘s apfs verb, while diskutil also supports use of an institutional recovery key through its -recoverykeychain options. Individual and iCloud recovery keys only appear available when using FileVault, in this case implemented in software, either on Intel Macs without a T2 chip, or on all Macs when encrypting an external volume.

Because keybags are stored on the disk containing the encrypted volume, if the disk is connected to another Mac, when macOS tries to mount that volume, the user will be prompted to enter its password, and can then gain access to its contents. When FileVault is used to protect a Data volume on the internal SSD of a T2 or Apple silicon Mac, that volume can only be unlocked through the Secure Enclave of that Mac, and it isn’t possible to unlock it from another Mac (that’s also true when FileVault hasn’t been enabled on that volume).

Save space on the internal SSD by adding another volume

By: hoakley
28 May 2025 at 14:30

A basic Mac system consists of the Mac itself and external storage for its backups, and is by far the most popular configuration. For many folk backing up the whole of its Data volume is wise, but that isn’t always the most economical. If the Data volume contains large items that don’t need to be backed up as often as its working folders, that can waste space. This article shows how you can make it more efficient without additional cost or hardware.

Backups and local snapshots

Most good backup utilities including Time Machine also make local snapshots of the volumes they back up. Let’s say your Data volume contains 100 GB of files that either change little or don’t need to be backed up as frequently as the rest. One proven strategy for minimising the time and storage required for backups is to add those to the exclusion list, and back them up separately, maybe only once a week. You can do that to another volume on external storage, provided you ensure there’s sufficient space for both that and your normal automatic backups.

What that doesn’t do is keep those 100 GB out of the frequent snapshots made of the Data volume. While you can exclude files and folders from backups, snapshots always include everything in that volume, without exclusions. The only way to save the space they add to snapshot size is to move them to another volume that doesn’t get snapshots made of it. But your Mac’s standard disk layout doesn’t provide any spare volume for that.

This could apply to all sorts of relatively static data that doesn’t need Time Machine’s automatic hourly backups, including Virtual Machines and some large media libraries, although you won’t then be able to share these in iCloud Drive, which would require them to be in your Data volume.

Boot disk layout

Standard layout of the internal SSD of an Apple silicon Mac running Sequoia or earlier is shown below.

BootDiskStructureMSeq

Intel Macs have the same Apple APFS container with the Boot Volume Group in it, but the other two containers are replaced by a single small EFI partition.

Adding another partition or container is possible, but not recommended as it has a fixed size, and lacks the flexibility of a volume. It also risks disturbing the three existing partitions/containers. As they’re essential for the Mac to start up successfully, you don’t want to meddle with them.

In practice, the best place to add a new volume is inside the third container, the one already holding the System and Data volumes. Add that in Disk Utility once you’ve decided the next two steps.

Limit volume size

Your new volume is going to share space in its container with all the existing volumes, including both System and Data. It’s usually wise to impose a maximum limit on the size it can grow to, to avoid compromising any of those. When you add the new volume, put a sensible limit on its Quota Size.

Encryption

Although Apple’s documentation isn’t explicit, volumes added to the boot container aren’t protected by FileVault, unlike the Data volume. If you want your extra volume to be encrypted, you’ll have to format it in APFS (Encrypted). Whether that’s accelerated by the hardware in the Secure Enclave isn’t clear, and on Apple silicon Macs it’s hard to tell the difference, as you should get similar full speed performance from your extra volume to that of the Data volume.

Setting it up

Open Disk Utility, ensure its View options are set to Show All Devices, then select the Container holding the boot volumes. Click the + tool to add the new volume.

Give the volume a name, then click on the Size Options… button.

Enter your chosen Quota Size, as the maximum you want to allow the extra volume to use on the boot SSD, and click OK.

Then select whether you want it formatted in plain APFS, or encrypted, and click the Add button.

If you’ve opted for APFS (Encrypted) you’ll then be prompted to enter the encryption password. Unlike FileVault, there’s no option for a Recovery Key, or for iCloud Recovery.

When you first unlock the extra volume, you’ll be given the option to save its password to your keychain. That confirms this isn’t being performed by FileVault, as that protects its encryption keys in the Secure Enclave.

There are a couple of quirks:

  • If you try unmounting the extra volume using the Finder’s contextual menu, macOS might try to unmount all volumes on the boot disk, and warn you that it can’t. Simply cancel those warnings, and the extra volume should unmount fine. If you’re worried by this, unmount the volume in Disk Utility, which isn’t as silly.
  • You can use the Finder contextual menu to encrypt or decrypt the volume if you change your mind.

Summary

  • To save space in local snapshots made for backups of your Data volume, move bulky items that you back up separately to an extra volume alongside the Data volume.
  • Set a Quota Size on the extra volume to limit the maximum space it can take.
  • Use plain APFS or APFS (Encrypted) as the extra volume can’t be protected by FileVault.
  • If you encrypt the volume, safeguard its password as there’s no recovery option if you lose it.
  • The extra volume performs as well as any other volume on the internal SSD, and is far faster than using external storage.

A brief history of Mac native file systems

By: hoakley
12 April 2025 at 15:00

The first file system for Macintosh computers wasn’t HFS+ or even its predecessor HFS, but Macintosh File System, MFS. This was introduced in System 1 on the 128K Mac just over 41 years ago, to support its 400 KB floppy disks. Although it was fairly primitive, it incorporated some visionary features, including forks. Each file had two sets of data: a data fork as in other file systems, and a resource fork for storing structured blobs of data or resources.

File naming was liberal compared with MS-DOS, allowing names up to 255 characters long, although that was restricted to 63 by the Finder. Names could consist of any printable character except the colon :, a limitation that persists in the Finder today. As there was no directory hierarchy, folders were an illusion and couldn’t be created directly by the user. Instead there was always an Empty Folder available, and when that was used, a fresh Empty Folder was created. As this was a single-user file system, there were no permissions.

MFS was still supported until it was finally discontinued 13 years later in System 8, in 1997.

Hierarchical File System, HFS

MFS had been designed for the low-capacity floppy disks of the time, and not for use on hard disks, where its limitations would have been only too apparent. For the release of the Macintosh Hard Disk 20 in September 1985, and in anticipation of the Macintosh SE 18 months later, a new Hierarchical File System had to be released to replace MFS in System 2.1. HFS remained fully supported until the arrival of Mac OS X 10.6 Snow Leopard in 2009, and finally dropped altogether in macOS Catalina a decade later.

Developed by Patrick Dirks and Bill Bruffey, HFS maintained many of the novel features in MFS, with resource forks, long file names up to a maximum of 31 characters, still excluding the colon, and in its standard single-user version didn’t support permissions. The latter were incorporated into AppleShare later. File and folder names were case-preserving but case-insensitive.

Larger storage capacities brought the need for a hierarchical directory structure, implemented using B-trees in a Catalog File that made the display of even large directories very quick. Although much of HFS used 32-bit integers, that didn’t apply to the number of files in a logical disk, which was limited to 65,535, which must have seemed sufficient at the time, and given the maximum volume size of 2 TB. With early hard disks being measured in tens of MB, that may have seemed in the distant future.

Mac OS Extended, HFS+

With the growth in capacity of hard disks, HFS had to be updated to address its limitations, in a project with the internal name of Sequoia, delivering HFS+ in Mac OS 8.1 in 1998. Switching to 32-bit fields to identify allocation blocks allowed more efficient use to be made of storage and a larger number of files in each volume. File names were increased in maximum length to 255 characters, and changed from MacRoman encoding to Unicode UTF-16 to accommodate a broader range of languages. Support for additional forks beyond data and resource paved the way for the switch to extended attributes, and OS startup support was improved to allow alien operating systems to boot from HFS+ volumes.

prefsresedit

This screenshot shows a set of custom icons in a BNDL resource, in the QuarkXPress app in about 2000.

filesize04

This shows file information available in HFS+ in Classic Mac OS in 2002.

HFS+ and its predecessors were prone to develop errors as a result of operating system crashes and other unexpected events, and those could be cumulative, leading to data loss. This was addressed with the introduction of journalling, designed and implemented by Dominic Giampaolo, who came to Apple from implementing the file system for BeOS. This was tentatively introduced as an option in Mac OS X 10.2.2 in late 2002, and made a standard feature in 10.3 the following October. Alongside that came an optional wrapper for case-sensitivity in what was dubbed HFSX, and a change in Unicode decomposition to Normalisation Form D (NFD).

Mac OS X 10.4 augmented Posix permissions with Access Control Lists (ACLs), although they were little-used outside server environments for some years. Prior to 10.5, as with most other file systems, HFS+ supported file but not directory hard-links. With the introduction of Time Machine in 10.5 Leopard, directory hard-links were added to support the structure and illusions of Time Machine backup stores.

File system support for encryption was a bit more troubled. The original FileVault, introduced in 2003 with Mac OS X 10.3 Panther, located user Home folders in an encrypted sparse disk image, which was improved in 10.5 by moving to sparse bundles. This suffered several shortcomings and vulnerabilities, and was replaced by whole-volume encryption in FileVault 2 in Mac OS X 10.7 Lion. That required the addition of a logical volume manager, Core Storage, which was then used for Fusion Drives introduced in 2012.

Apple File System, APFS

HFS+ had been designed for computers with hard disks. It lacks some of the features of more modern file systems such as snapshots, special files such as sparse files, and concurrent access. It’s also not well-suited to use with SSDs and storage in smaller, mobile devices, although when the first iPhone shipped with iOS 1.0 in 2007, it used HFSX, the case-sensitive variant of HFS+. That was until the release of iOS 10.3 on 27 March 2017, which silently converted its file system to APFS.

In 2014, Apple had decided to write its own file system from scratch, and Dominic Giampaolo, responsible for journalling in HFS+, and Mike Mackovitch became its lead engineers. APFS was announced two years later at WWDC in 2016, when it was expected to be released in another 18 months if development and testing went smoothly. Those who had hoped for ZFS were disappointed and many remain so today. macOS Sierra already had a pre-release version for those who wanted to preview it, but as we discovered when we upgraded to High Sierra, that was a far cry from what was to come.

After a promising period in beta, Apple discovered fundamental problems between APFS and its popular Fusion Drives. The first release of macOS 10.13 shipped with APFS version 748.1.46, but abruptly dropped support for those, so converted only those startup volumes on SSDs and hard disks. Snapshots were wobbly at first, and it quickly became clear that APFS was never going to perform well on rotating disks.

High Sierra had a stormy early release history, marred by a series of security gaffes. Vulnerabilities were fixed in the Supplemental Update released less than two weeks after 10.13, leaving snapshots to be improved in 10.13.1 on 31 October. Many expected problems with Fusion Drives would be fixed quickly, but those weren’t ready for release until the following September. Another problem that troubled the introduction of APFS to all platforms was the refusal during beta-testing to incorporate Unicode normalisation; this had to be resolved in later versions of macOS 10.13 and iOS 10, as explained here and here.

In September 2018, Apple at last released Mojave 10.14 with support for Fusion Drives, accompanied by the first version of the Apple File System Reference. Although a long and detailed document, developers soon realised how incomplete it was, in spite of the long delay in its publication. At last third-party file system developers had some hard information to work with, and users started assuming that third-party disk maintenance and repair tools were imminent.

Catalina brought major changes to APFS, with the use of expanded volume roles to form System Volume Groups, with their separate but firmlinked System and Data volumes. macOS 10.15.5 fixed a serious bug preventing the transfer of very large amounts of data to RAID volumes. At that time, Apple released an updated version of the Apple File System Reference, building expectations that third-party tools were just round the corner, at least among those who weren’t aware of how much information was still missing. Nearly five years later, it’s still that same edition dated 22 June 2020 that remains the latest information released by Apple about APFS.

Further major changes came with Big Sur 11.0.1 when it was released in November 2020, introducing the sealed and signed snapshot now used to boot macOS. This was also the first release to support making Time Machine backups to APFS volumes, and to support Apple silicon Macs.

Although Apple dropped early hints that APFS might be released as open source, unlike its predecessors, after eight years, information about its internals released by Apple still appears to be insufficient to allow third-party developers to create maintenance tools independent of those bundled in macOS. This reluctance may stem from the deep involvement between the file system and macOS security.

Summary timeline

  • MFS Jan 1984 – Sep 1985, end of support 1997
  • HFS Sep 1985 – Jan 1988, end of support 2019
  • HFS+ Jan 1988 – present, still supported
  • APFS Sep 2017 (iOS March) – present, still supported

References

Inside Macintosh: Files, Chapter 2 – File Manager, on HFS
MacCyclopedia critical account of HFS and HFS+. 25 May 2003
Apple TN1150 HFS Plus Volume Format, 5 March 2004
Apple’s APFS Reference (PDF), last revised 22 June 2020.

Wikipedia on
MFS
HFS
HFS+

❌
❌