WWDC: Apple File System unveiled with deeper encryption and auto-trim

No more arguments with law enforcement over "back doors"?

Apple has unveiled a new file system that will replace its existing HFS+ file system from next year and which, it says, has been "engineered with encryption as a primary feature". The new file system was introduced at Apple's Worldwide Developer Conference (WWDC) in San Francisco, California, last night.

The new file system will add extra encryption features that will not only make it easier for users to encrypt files, but may also re-ignite disputes with law enforcement and security agencies that have in the recent past demanded "back doors" for encrypted communications and devices.

Apple File System (APFS) will be backwards compatible with HFS+, which is used by both the macOS and iOS operating systems. HFS+ has been used by Apple since its launch in 2001, but existing third-party utilities will need to be updated to support APFS. Apple claims that one of the main reasons the new file system is required is to take advantage of the shift to flash-based storage media.

One of the key features, therefore, will be auto-trim to prevent devices using flash from slowing over time (as any user of a cheap Android device eventually finds out). "Like HFS+, APFS supports TRIM operations. On APFS, TRIM operations are issued asynchronously from when files are deleted or free space is reclaimed, which ensures that these operations are only performed once metadata changes are persisted to stable storage," advises Apple.

It is also compatible, Apple is keen to assert, with traditional "spinning rust" hard-disk drives.

However, it is the extra support for encryption that raised most eyebrows. "On OS X, full disk encryption has been available since OS X 10.7 Lion. On iOS, a version of data protection that encrypts each file individually with its own key has been available since iOS 4... APFS combines both of these features into a unified model that encrypts file system metadata.

"APFS supports encryption natively. You can choose one of the following encryption models for each volume in a container: no encryption, single-key encryption, or multi-key encryption with per-file keys for file data, and a separate key for sensitive metadata. APFS encryption uses AES-XTS or AES-CBC, depending on the hardware. Multi-key encryption ensures the integrity of user data even when its physical security is compromised," claims Apple.

Other features include 'space sharing', enabling multiple file systems to share the same underlying free space on a physical volume. "Unlike rigid partitioning schemes, which pre-allocate a fixed amount of space for each file system, APFS volumes can grow and shrink without volume repartitioning," claims Apple.

The 64-bit Inode Numbers scheme will also enable APFS to support more than nine quintillion files on a single volume (which ought to be enough for anyone - for the time being). For crash protection, APFS uses a copy-on-write metadata scheme to ensure that updates to the file system are crash-safe. This approach also reduces the additional overhead of journaling that occurs with HFS+.