[Cryptography] Data remanence on solid state storage

John Gilmore gnu at toad.com
Sun Aug 18 01:13:49 EDT 2024 

Justin Goldberg wrote this message on Wed, Aug 07, 2024 at 08:57 -0400:
> Does anyone have updated guidance or can point to a good study on data
> remanence with SSD storage?

Try the references in:

  https://en.wikipedia.org/wiki/Data_sanitization
  https://en.wikipedia.org/wiki/Data_erasure

Here is the classic decade-old one specific to Flash:

  Michael Wei; Laura M. Grupp; Frederick E. Spada; Steven
  Swanson. "Reliably Erasing Data From Flash-Based Solid State Drives"
  FAST '11: 9th USENIX Conference on File and Storage
  Technologies. 2011-02-15  "For sanitizing entire disks,
  built-in sanitize commands are effective when implemented correctly,
  and software techniques work most, but not all, of the time. We found
  that none of the available software techniques for sanitizing
  individual files were effective."
  https://www.usenix.org/legacy/events/fast11/tech/full_papers/Wei.pdf

Here are a few less researchy and more practical articles that I found
by following those references to their references or comments:

  https://www.makeuseof.com/tag/securely-erase-ssd-without-destroying/

  https://www.skrilnetz.net/the-truth-about-how-to-securely-erase-a-solid-state-drive-ssd/

  https://nvmexpress.org/wp-content/uploads/Session-3-Verifying-SSD-Sanitization_Micron_Toshiba_Final-as-of-4.26.pdf

You could also use a citation database to see who's citing the Wei paper
above, read those papers, and see if any are useful.

None of the other sources that I found deployed either the skepticism,
the rigor, nor the deep analytical techniques of the 2011 Wei work from
UCSD's CMRR.  They built a device that would read raw flash chips,
humorously called Ming the Merciless, the fictional nemesis of "Flash"
Gordon.  They filled drives with long recognizable patterns via the
drive's ordinary write interface, erased the drives via the interface
(by various methods), then closely examined the raw flash chips to see
what data was still recoverable afterward.

UCSD's CMRR is now the Center for Memory and Recording Research, but it
started as the Center for Magnetic Recording Research.  They are the
ones who noticed the need for firmware Secure Erase commands in
hard-disk drives (because software overwrite methods couldn't know the
characteristics of the evolving media, error-recovery, nor encoding
methods).  They designed the feature for magnetic disk drives, and
tested manufacturers' implementations over decades.  They did the same
for S.M.A.R.T. error reporting and prediction systems.

It would be great if someone wanted to get academic credit for
replicating the CMRR 2011 research using 2025 storage media, and
reporting how well or badly modern media can be sanitized.  Don't forget
to try USB sticks, SD/MMC/eMMC cards, and NVM drives, as well as
tratitional SSD drives.  Plus the flash chips embedded in modern
smartphones, which are frequently attacked by governments, particularly
in border searches.  I'm sure NSA is already doing this research, but
since their data-stealing side always overpowers their data-securing
side, they don't publish to safeguard the citizens.

	John

PS: For extra points, after you've done more literature research, please
update the Wikipedia pages by adding the best references that you found.

More information about the cryptography mailing list