FileVault 2 uses the Advanced Encryption Standard (AES) encryption algorithm, which delivers robust protection for stored data. Until mid-2013, it only supported the use of 128-bit keys, not 256-bit keys. Although 128-bit keys are technically acceptable in many environments, organizations are rapidly moving toward 256-bit keys to thwart emerging threats.
Wouldn't a stream algorithm be faster and easier to handle? Wont' the usage of a block cipher consume more disk space? Is there an istruction set in modern CPUs for streaming encryption algorithms as it is for block algorithms?
Thanks
A filesystem has to support all common use cases efficiently.
Now consider the case of a database file. (For example, one that uses SQLite.) It is common to know where your record is, to open up your file, seek to that place, read that record, possibly rewrite it, then close your file. With a block based algorithm that's just a question of loading the correct block, decrypting it, returning it, and then encrypting it on the way back. With a stream based algorithm you would need to read the whole database file to understand that part of the file, and would need to rewrite the whole database file again to modify a bit in the middle.
Therefore stream based algorithms would be horribly inefficient for this use case, while block based algorithms work well.
Incidentally as long as the encryption key is external to the block, a block based algorithm will have very little space overhead. Or, more precisely, will force you to round your file sizes up to the last block.