Apple releases APFS with file and metadata encryption

Submitted by admin on Tue, 03/28/2017 - 13:37

Today Apple released iOS 10.3 and watchOS 3.2, new releases of the operating system which include the Apple File System.  Apple's revealed (APFS) at last year's Worldwide Developers Conference (WWDC). Unusually, Apple does not mention APFS in the list of features in iOS 10.3.


Modernisation was the company's motivation for creating the new file system. APFS is optimized for use with Flash memory (SSD), which most of Apple's devices utilize today. Apple's old file system HFS+ was developed at a time when floppy disks was the primary storage media.  HFS+ was less than optimum for handling the large file sizes which are possible today.

Apple's new file system APFS will improve performance significantly, as file reads and file writes will be substantially faster.

APFS also adds comprehensive encryption to the iPhone and Apple Watch. Characterised by Apple as “strong full-disk encryption” for both files and metadata, with optional “Multi-key encryption with per-file keys for file data and a separate key for sensitive metadata”, APFS is a significant security improvement on the file-only encryption offered on older versions of the OS.


According to Apple, “Even if someone were to compromise the physical security of the device and gain access to the device key, they still couldn't decrypt the user's files.” This is a significant security development!

APFS is installed automatically, when a user upgrades to iOS 10.3 and watchOS 3.2. No manual user intervention is required or even possible. Apple has once again upped the ante in creating the most secure consumer devices on the market. Unfortunately, iOS 10.3 can only be installed on iPhone 5 and younger devices.

APFS can be beta tested on MacOS Sierra. We expect AFPS to be included in MacOS 10.13, which should be introduced at the WWDC on June 5th in San Jose, California.