[Cryptography] Magnetic media destruction question

[Jan Dušátko]

Dne 08. 01. 26 v 4:17 Peter Gutmann via cryptography napsal(a):
> Yup, it's pretty much completely irrelevant.  One is a collection of clearly-
> labelled/identified bits of paper with the labelling visible to the naked eye,
> the other is a mini-skip full of, let's say ten million because I'm too lazy
> to sit down and do the volumetric calculation, identical fragments that have
> all suffered severe mechanical trauma.  And it's not like when I looked at it
> 30+ years ago where you could use ferrofluid to get an idea of the geometry
> and then try and recover the MFM data signal with an MFM (magnetic force
> microscope) and a lot of effort, you're dealing with exotic recording
> technologies where, and this is the bit I'm not sure about, you may need to
> actually physically reconstruct the platter to be able to pull a signal off
> it, or at least recover the encoding for the signal.  The bit density on a
> fragment won't matter much if the only way to recover what's on there is to
> have it moving under a read head at a given velocity with a flying height of a
> few nanometers... on a shredded fragment with burrs and bends and other
> damage.
>
> Peter.
> _______________________________________________

Peter,

In past I need to digging deeper in that area, because I have 
participated in several discussions on this topic with customers. They 
have concerned both magnetic media and solid state drives. The 
discussion is challenging but interesting because it balances data 
protection, sometimes cryptography, physics, technology and engineering 
disciplines. I would like to summarize few points, may could be useful 
for someone, beside there are lack of relation to cryptography.

Hard Drive:
Hard drive are fantastic engineering masterpiece. Could be provided with 
rotation per minute from list of 5400,7200,10000,15000. Able to read up 
to four segments per rotation (depends on optimalization). Able to 
precisely move fast enough to relevant track with time shorter than half 
of one rotation. And read extremely small bit of data. That bit now 
contain few magnetic domains (sometimes tenths, sometime only few of 
them) and depends on technology has a size about 100nm in length and 
50nm wide. I do not know exact properties from SMR devices (Shingled 
Magnetic Recording). This can create a problem how to recover data. 
Methods used in past could be summarized as:
- Mount plates to another disk and read pieces of data. This is natural 
attitude with low probability of success. Without reprogramming of 
controller to read raw data is unrealistic. More, the head itself is too 
wide to get appropriate "remnants". Pieces of data could be read thanks 
to imperfection of technology, like small vibration of head, not quite 
accurate exposure of the header to the same position as in the previous 
read/write case, wrong behave of domains on the threshold of magnetic 
field enforcing bit to change and other deviations.
- Kerr effect - tilting of plane polarized light. For infrared light 
this is about 5°, the higher the frequency, the lower the angle. More, 
you need to use magnetic domain size bigger than wavelength. That kind 
of attitude is relevant for past technology.
- Magnetic force microscopy (MFM). That technology require mostly two 
pass, where first one mapping relief (AFM) thanks to Wan der Walls 
forces, second path is about collecting information from distance (in 
nanometers scale) by magnetic force. That kind of mapping require vacuum 
and it is slow. But able to read orientation of magnetic domains ... 
include gaps between.
- In situation of shreeding, cutting material to pieces eradicate piece 
of data in the mechanical stress zone due to mechanical stress and 
possible reorganization due to indentation into the material. 
Furthermore, shearing or removal of material thermally and mechanically 
stresses individual domains, in addition to reorganization, some may 
pass the Curie temperature and lose the ability to hold information. The 
information from them is then random, mostly follow closest field force 
(could be engines or earth magnetic field).
- In situation of burning, crossing the Curie temperature has the same 
properties, domains stay randomly oriented.
- Demagnetizing of media, exactly enforcing media to use specific or 
random orientation probably will be tough to achieve for technologies 
like HAMR or MAMR.
Technology;Size of bit;Domains per bit;Size of domain;Curie point
LMR;200-100nm;10-50;200-80nm;720-870K
PMR;100-20nm;5-20;20-10nm;720-920K
SMR;80-15nm;5-15;15-10nm;720-920K
HAMR;50-5nm;2-8;8-5nm;970-1020K
MAMR;60-7nm;3-10;10-7nm;770–920 K
This is a reason, why I enforcing disk encryption, mainly on disk level 
to save a computation power. I do not think so that I need to explain 
advantages, because erasing of key material will be enough (for 
paranoid, you can reprovision the new key and overwrite whole content, 
delete that key again after).
For regular disk wipe, there are quite good list of standards. Peter 
Gutman introduced me to this area 20 years ago, but he is not aware 
about (thanks Peter, I was curios about your reasons for 35 pass). From 
my perspective, 3 phases is enough for most situation, 7 for sensitive 
data. But any remnants on the edge, caused by random head moving 
(vibration, temperature) can achieve attacker to read that data. Mainly 
pieces of data, broken by another write operations. Something you would 
like to read 10 letters writen on the same paper by the same pencil. 
Standards in that area is bellow.
NIST SP 800-88 (Rev. 1)
DoD 5220.22-M
DoD 5220.22-M ECE
Air Force (AFSSI 5020)
German BSI (BSI-2011-VS)
Peter Gutmann Method
Cryptographic Erasure (Crypto Erase)
IEEE 2883-2022

Solid State Drive:

This is probably most funny part. Solid state disks are memories, which, 
depends of technology (and architecture), could have complete different 
behave. And because small, could end in funny stories about mechanical 
destruction, which destruct case, but not media inside.

SSD disk should not use wipping like HDD, because of statistical 
properties of balancing utilization. Security should depend on 
cryptography, nothing else.

I hope this can help to someone. And, please apologize me for my gramma, 
I still work on it.

Regards

Jan

--
-- --- ----- -
Jan Dušátko

Tracker number: +420 602 427 840
e-mail:jan at dusatko.org
GPG:https://keys.dusatko.org/2E7D58B90FC2867C.asc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20260108/6ccd3297/attachment.htm>