Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint //


02:30 PM
Kaan Onarlioglu
Kaan Onarlioglu
Connect Directly
E-Mail vvv

Cryptographic Erasure: Moving Beyond Hard Drive Destruction

In the good old days, incinerating backup tapes or shredding a few hard drives would have solved the problem. Today, we have a bigger challenge.

Over the last decade we meticulously taught ourselves how to collect, store, and process big data. Now, the next challenge is to get rid of this data.

The General Data Protection Regulation (GDPR), with its sweeping mandates for protecting personal data, was a wake-up call for businesses across the board that they needed to exercise greater control over many aspects of their data processing practices. The California Consumer Privacy Act followed suit, and there is a high probability that other upcoming privacy laws around the world will likely continue the trend.

Regulations around how data is used, data retention time frames, and data subjects' right to be forgotten all necessitate particular attention to data destruction. In the good old days, incinerating backup tapes or shredding a few hard drives would have solved the problem. Today, we have a bigger challenge on our hands.

We now work with complex, massively distributed computing environments. The resources we directly control are often spread across the globe, and the rest live in some external organization's opaque cloud. System components interact in complex (and sometimes unexpected) ways, forming both explicit and implicit data flows between them. The challenge is to track down where exactly data is before we can even start thinking about how to destroy it.

Cryptographic Erasure
Cryptographic erasure roughly means encrypting the data first, and when it is time to delete it, discarding the encryption key instead. Under computational assumptions that the underlying cryptographic primitives cannot be broken (and we can all agree that cryptography is the strongest link in a secure system), without the key, that data could never be decrypted again. It is as good as deleted.

Many readers will be familiar with the term from the recent NIST and ISO guidelines that recommend it as a secure data destruction technique. Storage media vendors have also been promoting cryptographic erasure as a faster alternative to traditional data destruction mechanisms. For example, self-encrypting drives in the market can refresh the key stored in their onboard controller, instantaneously rendering the contents unreadable.

In reality, however, this idea dates all the way back to 1996, first publicly proposed by Dan Boneh and Richard Lipton. In their paper titled "A Revocable Backup System," published in the USENIX Security Symposium, the authors describe a tape backup scheme in which backed-up data is encrypted with a periodically refreshed key. Every time the key changes, old backups are lost without requiring any modifications to the tape itself, analogous to modern self-encrypting drives.

So, how does this apply to our times and solve the problem of tracking data in and across complex computing environments? All of the previous examples focus on the use of cryptographic erasure as an efficient way to destroy all content on a given physical storage medium. However, let's take a step back and get a better view of the general principle behind the idea.

Cryptographic Erasure: Two Useful Properties
First, unlike in the previous scenarios, we do not need to restrict ourselves to using a single key that encrypts an entire drive or data set. Instead, we can have as many unique keys as we need, encrypting data at the granularity that serves our purposes. For example, a cloud service provider may decide to assign a unique key for each of its customers, allowing it to selectively destroy a specific customer's data when necessary. Otherwise, the provider may choose to partition the data at a finer granularity — a unique key per user, file, or even a database entry. The possibilities and business applications are immense.

Second, cryptographic erasure entirely bypasses the issue of tracking data flows. Whether the data resides in a remote data center, in someone else's cloud, or in a long-forgotten tape archive is irrelevant. The encrypted data is always bound to the encryption key, and it is sufficient to know where our keys are to be able to destroy all instances of our data.

Unfortunately, there is no silver bullet in security, and this is not the exception. A prerequisite for this scheme to work is that all sensitive data must be encrypted at all times. (Maybe that is a good thing!) This implies a computational overhead for cryptographic operations, but more importantly, the decision to incorporate cryptographic erasure into a system is probably best considered at early architectural design stages. Integration into legacy systems may be difficult and error prone.

Furthermore, as with every cryptographic system, storage and distribution of keys becomes a prime concern, especially with very fine-grained data partitioning schemes that could require large numbers of keys. This would necessitate building an appropriate key management infrastructure — a task with which security professionals often have a love-hate relationship.

Cryptographic erasure is a powerful technique that can address emerging data destruction challenges, especially in the face of stringent privacy laws, where traditional approaches remain impractical. Security professionals should take advantage of this tool in their arsenal, understand its trade-offs, and recognize that cryptographic erasure can have advanced applications beyond wiping hard drives.

Related Content:

Kaan Onarlioglu is a researcher and engineer at Akamai who is interested in a wide array of systems security problems, with an emphasis on designing practical technologies with real-life impact. He works to make computers and the Internet secure — but occasionally ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Strategist
1/15/2019 | 3:36:30 AM
Blessing or a curse
I am not sure if it is actually considered a blessing or a curse to know that data storage can somehow be a permanent facility. It is common knowledge to note that once you upload a piece of data onto the world wide web, you are permanently allowing it to wander around digital space aimlessly and indefinitely. Even if we were to wipe out the entire storage, there is still that piece of data embedded somewhere across the digital era by caches or cookies that work beyond our manual intervention.
User Rank: Apprentice
1/3/2019 | 8:57:54 AM
Re: Hilarious subject
We are clearly living in the digital era but not every business can thrive solely on an online platform. Some businesses, usually within the F&B market, need to have a physical facility for consumers who prefer to come in to have a taste before making any purchases, especially when they cost so much.
User Rank: Apprentice
12/20/2018 | 12:12:30 PM
Hilarious subject
Cryptographic world is such a nice domain and place. Specially because it's developed by humans.

At least in our days we are using human developed algorithms.

Why is this subject hilarious?

Because all cryptographic devices, algorithms or schemes have a universal key kept by the owner.

So what's the point of crypting your data if it can be undone?

And more, what's the point of deleting encrypted data as long as it can be undeleted and then decrypted with owner's universal key?

Do you want to get rid of your data, forever? Burn it, melt it down, combine it with another metals or chemical and MAYBE then it's possible to be gone. Unless a latest technology in Recovery field takes molecules of melted data, analyze it and get bits and bytes out of it :D


Thank you.

Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-04-10
Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
PUBLISHED: 2021-04-10
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
PUBLISHED: 2021-04-09
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific to the Zoom Chat softw...
PUBLISHED: 2021-04-09
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
PUBLISHED: 2021-04-09
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.