HOME

TheInfoList



OR:

Crypto-shredding is the practice of 'deleting'
data In the pursuit of knowledge, data (; ) is a collection of discrete Value_(semiotics), values that convey information, describing quantity, qualitative property, quality, fact, statistics, other basic units of meaning, or simply sequences of sy ...
by deliberately deleting or overwriting the
encryption In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can de ...
keys. This requires that the data have been encrypted. Data may be considered to exist in three states: data at rest,
data in transit Data in transit, also referred to as data in motion and data in flight, is data en route between source and destination, typically on a computer network. Data in transit can be separated into two categories: information that flows over the publi ...
and
data in use Data in use is an information technology term referring to active data which is stored in a non-persistent digital state typically in computer random-access memory (RAM), CPU caches, or CPU registers. Scranton, PA data scientist Daniel Allen in 19 ...
. General data security principles, such as in the
CIA triad Information security, sometimes shortened to InfoSec, is the practice of protecting information by mitigating information risks. It is part of information risk management. It typically involves preventing or reducing the probability of unauthorize ...
of
confidentiality Confidentiality involves a set of rules or a promise usually executed through confidentiality agreements that limits the access or places restrictions on certain types of information. Legal confidentiality By law, lawyers are often required ...
,
integrity Integrity is the practice of being honest and showing a consistent and uncompromising adherence to strong moral and ethical principles and values. In ethics, integrity is regarded as the honesty and truthfulness or accuracy of one's actions. In ...
, and
availability In reliability engineering, the term availability has the following meanings: * The degree to which a system, subsystem or equipment is in a specified operable and committable state at the start of a mission, when the mission is called for at ...
, require that all three states must be adequately protected. Deleting data at rest on storage media such as backup tapes, data stored in the cloud, computers, phones, or
multi-function printer An MFP (multi-function product/printer/peripheral), multi-functional, all-in-one (AIO), or multi-function device (MFD), is an office machine which incorporates the functionality of multiple devices in one, so as to have a smaller footprint in a ...
s can present challenges when confidentiality of information is of concern. When encryption is in place, data disposal is more secure.


Motivations for use

There are various reasons for using crypto-shredding, including when the data is contained in defective or out-of date systems, there is no further use for the data, the circumstances are such that there are no ongerlegal rights to use or retain the data, and other similar motivations. Legal obligations may also come from regulations such as the
right to be forgotten The right to be forgotten (RTBF) is the right to have private information about a person be removed from Internet searches and other directories under some circumstances. The concept has been discussed and put into practice in several jurisdiction ...
, the General Data Protection Regulation, and others. Data security is largely influenced by
confidentiality Confidentiality involves a set of rules or a promise usually executed through confidentiality agreements that limits the access or places restrictions on certain types of information. Legal confidentiality By law, lawyers are often required ...
and privacy concerns.


Use

In some cases all data storage is encrypted, such as encrypting entire
harddisk A hard disk drive (HDD), hard disk, hard drive, or fixed disk is an electro-mechanical data storage device that stores and retrieves digital data using magnetic storage with one or more rigid rapidly rotating platters coated with magneti ...
s,
computer file A computer file is a computer resource for recording data in a computer storage device, primarily identified by its file name. Just as words can be written to paper, so can data be written to a computer file. Files can be shared with and trans ...
s, or
database In computing, a database is an organized collection of data stored and accessed electronically. Small databases can be stored on a file system, while large databases are hosted on computer clusters or cloud storage. The design of databases s ...
s. Alternatively only specific data may be encrypted, such as passport numbers, social security numbers,
bank account number A bank account is a financial account maintained by a bank or other financial institution in which the financial transactions between the bank and a customer are recorded. Each financial institution sets the terms and conditions for each type of ...
s,
person name A person ( : people) is a being that has certain capacities or attributes such as reason, morality, consciousness or self-consciousness, and being a part of a culturally established form of social relations such as kinship, ownership of property, ...
s, or record in a databases. Additionally, data in one system may be encrypted with separate keys when that same data is contained in multiple systems. When specific pieces of data are encrypted (possibly with different keys) it allows for more specific data shredding.


Example

iOS iOS (formerly iPhone OS) is a mobile operating system created and developed by Apple Inc. exclusively for its hardware. It is the operating system that powers many of the company's mobile devices, including the iPhone; the term also include ...
devices and
Macintosh The Mac (known as Macintosh until 1999) is a family of personal computers designed and marketed by Apple Inc. Macs are known for their ease of use and minimalist designs, and are popular among students, creative professionals, and software en ...
computers with an Apple T2 or
Apple silicon Apple silicon is a series of system on a chip (SoC) and system in a package (SiP) processors designed by Apple Inc., mainly using the ARM architecture. It is the basis of most new Mac computers as well as iPhone, iPad, iPod Touch, Apple TV, ...
chip use crypto-shredding when performing the "Erase all content and settings" action by discarding all the keys in ' effaceable storage'. This renders all user data on the device cryptographically inaccessible, in a very short amount of time.


Best practices

* Storing encryption keys securely is important for shredding to be effective. For instance, shredding has no effect when a
symmetric Symmetry (from grc, συμμετρία "agreement in dimensions, due proportion, arrangement") in everyday language refers to a sense of harmonious and beautiful proportion and balance. In mathematics, "symmetry" has a more precise definiti ...
or asymmetric encryption key has already been compromised. A
Trusted Platform Module Trusted Platform Module (TPM, also known as ISO/IEC 11889) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. The term can also refer to a ...
is meant to address this issue. A
hardware security module A hardware security module (HSM) is a physical computing device that safeguards and manages secrets (most importantly digital keys), performs encryption and decryption functions for digital signatures, strong authentication and other cryptogr ...
is considered one of the most secure ways to use and store encryption keys. *
Bring your own encryption Bring your own encryption (BYOE) also known as bring your own key (BYOK) is a cloud computing security marketing model that aims to help cloud service customers to use their own encryption software and manage their own encryption keys. BYOE allows c ...
refers to a cloud computing security model to help cloud service customers to use their own encryption software and manage their own encryption keys. * Crypographic "salting":
Hashing Hash, hashes, hash mark, or hashing may refer to: Substances * Hash (food), a coarse mixture of ingredients * Hash, a nickname for hashish, a cannabis product Hash mark * Hash mark (sports), a marking on hockey rinks and gridiron football fiel ...
may be vulnerable to a single breach if the hash key used for all data is the same. Hash keys can be reverse engineered by methods such as rainbow tables.
Salt Salt is a mineral composed primarily of sodium chloride (NaCl), a chemical compound belonging to the larger class of salts; salt in the form of a natural crystalline mineral is known as rock salt or halite. Salt is present in vast quant ...
is meant to address this problem by ensuring that access to the hash key will not compromise all data.


Security considerations

There are many security issues that should be considered when securing data. Some examples are listed in this section.The security issues listed here are not specific to crypto-shredding, and in general these may apply to all types of data encryption. In addition to crypto-shredding,
data erasure Data erasure (sometimes referred to as data clearing, data wiping, or data destruction) is a software-based method of overwriting the data that aims to completely destroy all electronic data residing on a hard disk drive or other digital media b ...
,
degaussing Degaussing is the process of decreasing or eliminating a remnant magnetic field. It is named after the gauss, a unit of magnetism, which in turn was named after Carl Friedrich Gauss. Due to magnetic hysteresis, it is generally not possible to red ...
and physically shredding the physical device (disk) can mitigate the risk further. * Encryption strength can weaken over time as computing speed becomes more efficient and more time is available to discover exploits in secure systems. *
Brute-force attack In cryptography, a brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correc ...
: If data is not adequately encrypted it may be possible to decrypt it through brute-force methods. Newer technology such as quantum computing increases the potential to allow brute-force attacks to become more efficient in the future. However, quantum computing is less effective against specific encryption methods such as symmetric encryption than others that are more vulnerable to brute-force attacks such as public-key encryption. Even when data is secured via use of symmetric encryption, there are methods such as
Grover's algorithm In quantum computing, Grover's algorithm, also known as the quantum search algorithm, refers to a quantum algorithm for unstructured search that finds with high probability the unique input to a black box function that produces a particular output ...
that make these kinds of attacks more effective, though this can be mitigated by other enhancements, such as using larger key values.Post Quantum-Crypto for dummies on wiley-vch.de
/ref> *
Data in use Data in use is an information technology term referring to active data which is stored in a non-persistent digital state typically in computer random-access memory (RAM), CPU caches, or CPU registers. Scranton, PA data scientist Daniel Allen in 19 ...
: Data that is "in use" has specific vulnerabilities. For example, when (
plaintext In cryptography, plaintext usually means unencrypted information pending input into cryptographic algorithms, usually encryption algorithms. This usually refers to data that is transmitted or stored unencrypted. Overview With the advent of com ...
) encryption keys are temporarily stored in
RAM Ram, ram, or RAM may refer to: Animals * A male sheep * Ram cichlid, a freshwater tropical fish People * Ram (given name) * Ram (surname) * Ram (director) (Ramsubramaniam), an Indian Tamil film director * RAM (musician) (born 1974), Dutch * ...
, it may be vulnerable to cold boot attacks, hardware
advanced persistent threat An advanced persistent threat (APT) is a stealthy threat actor, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. In recent times, the term may ...
s,
rootkits A rootkit is a collection of software, computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence o ...
/bootkits, computer hardware supply chain attacks, and physical threats from users who have access. *
Data remanence Data remanence is the residual representation of digital data that remains even after attempts have been made to remove or erase the data. This residue may result from data being left intact by a nominal file deletion operation, by reformatting o ...
is the ability of computer memory to retain previously stored information beyond its intended lifetime, which also increases its vulnerability to unintended access. For example: When data on a harddisk is encrypted after it has been stored, it is possible that unencrypted data may remain on the harddisk. Encrypting data does not necessarily ensure the data will be overwritten at the same location as the unencrypted data. In addition, any
bad sector A bad sector in computing is a disk sector on a disk storage unit that is permanently damaged. Upon taking damage, all information stored on that sector is lost. When a bad sector is found and marked, the operating system like Windows or Linux will ...
s on a harddisk cannot be encrypted after data has been written to those locations. Encrypting data at the time it is written is always more secure than encrypting it after it has been stored without encryption. * Hibernation presents additional threats when an encryption key is used. Once an encryption key is loaded into RAM and the machine is placed into hibernation, all memory, including the encryption key, may be stored on the harddisk, which is outside of the encryption key's safe storage location.


References

{{Cryptography navbox Data security Key management Public-key cryptography Security