
AES-XTS

AES-XTS is AES (Advanced Encryption Standard) used in XTS mode, the XEX Tweakable Block Cipher with Ciphertext Stealing. XTS mode was designed for cryptographic protection of data on storage devices using fixed-length data units. AES-XTS is not suitable for encrypting data in transit.

XTS is based on Rogaway’s XEX (XOR Encrypt XOR) tweakable block cipher, supplemented with a method of extending input data strings called ciphertext stealing. Whilst XEX can only encrypt sequences of complete blocks (multiples of 128 bits), the data string for XTS may also consist of one or more complete blocks followed by a single, non-empty partial block.
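The XEX step and the ciphertext stealing described above, written out on top of single-block AES and compared with the XTS mode of the Python `cryptography` package. This is an added example, not part of the original page; the key, sector number and data are constructed, and the function names are hypothetical.

```python
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

BLOCK = 16                        # AES block size in bytes (128 bits)
KEY = bytes(range(64))            # constructed key1 || key2; the two halves differ
DATA = bytes(range(100, 140))     # constructed: 2 full blocks + an 8-byte partial block

def _aes_block(key: bytes, block: bytes) -> bytes:
    """Encrypt exactly one 16-byte block with raw AES (ECB, no padding)."""
    return Cipher(algorithms.AES(key), modes.ECB()).encryptor().update(block)

def _xex(key1: bytes, block: bytes, t: int) -> bytes:
    """XEX step: XOR with the tweak value, encrypt, XOR with it again."""
    mask = t.to_bytes(BLOCK, "little")
    x = bytes(a ^ b for a, b in zip(block, mask))
    return bytes(a ^ b for a, b in zip(_aes_block(key1, x), mask))

def _next_tweak(t: int) -> int:
    """Multiply the tweak by alpha in GF(2^128), little-endian convention."""
    t <<= 1
    return (t ^ (1 << 128) ^ 0x87) if t >> 128 else t

def xts_encrypt(key: bytes, sector: int, data: bytes) -> bytes:
    """Encrypt one data unit; sector is the tweak for that unit."""
    if len(data) < BLOCK:
        raise ValueError("XTS needs at least one complete block")
    key1, key2 = key[: len(key) // 2], key[len(key) // 2:]
    # Initial tweak value: the sector number encrypted under key2.
    t = int.from_bytes(_aes_block(key2, sector.to_bytes(BLOCK, "little")), "little")
    full, tail = divmod(len(data), BLOCK)
    out = []
    for i in range(full):
        out.append(_xex(key1, data[i * BLOCK:(i + 1) * BLOCK], t))
        t = _next_tweak(t)
    if tail:
        # Ciphertext stealing: pad the partial block with the end of the
        # previous ciphertext block, encrypt that under the next tweak value,
        # and emit only the first `tail` bytes of the previous ciphertext last.
        cc = out.pop()
        out += [_xex(key1, data[full * BLOCK:] + cc[tail:], t), cc[:tail]]
    return b"".join(out)

def library_xts_encrypt(key: bytes, sector: int, data: bytes) -> bytes:
    """Reference result from the cryptography package's XTS mode."""
    tweak = sector.to_bytes(BLOCK, "little")
    enc = Cipher(algorithms.AES(key), modes.XTS(tweak)).encryptor()
    return enc.update(data) + enc.finalize()

if __name__ == "__main__":
    print(xts_encrypt(KEY, 7, DATA).hex())
```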

Apple’s new file system (APFS) uses AES-XTS or AES-CBC, depending on hardware. APFS supports encryption natively, so you can choose from: no encryption, single-key encryption, or multi-key encryption with per-file keys for file data and a separate key for metadata. Apple FileVault 2 also uses AES-XTS.