[Cryptography] Shredding a file on a flash-based file system?
Perry E. Metzger
perry at piermont.com
Thu Jun 19 13:48:29 EDT 2014
On Thu, 19 Jun 2014 06:43:55 -0700 John Denker <jsd at av8n.com> wrote:
> On 06/18/2014 08:57 PM, Thierry Moreau asked:
> >
> > Does anyone know if this assumption is reasonable?
>
> Almost any crypto-related assumption about flash-based file
> systems is not reasonable. Ditto for many other modern
> hardware systems. They do too much behind your back,
> including moving data from place to place.
This is also true of modern hard disks -- and I must say I do *not*
trust hard drives with built in encryption, because there is no way to
test that they are working correctly.
> The only defense I've seen that makes any sense is to
> do full-disk encryption or something similar. [...] Then the
> problem of erasing the disk (or file) reduces to the problem of
> zeroizing the key.
If one has control over the hardware design, a small, battery backed
up SRAM might be ideal for storing a master key for such
purposes. It could be zeroized in very little time. One might even
build a circuit to cut off the power to the SRAM and drain the
residual charge off if one needs it to be *really* fast...
--
Perry E. Metzger perry at piermont.com
More information about the cryptography
mailing list