Cryptographic erasure

Sanitization method in which the media encryption key (MEK) for the encrypted Target Data is sanitized, making recovery of the decrypted Target Data improbable.

Cryptographic erasure is a media sanitization technique that is based on erasing or replacing the Media Encryption Key (MEK) of a self-encrypting drive (SED), including modern SSDs that store data in an encrypted form.

In order to achieve cryptographic erasure, the encryption on the storage device must be turned on by default and allow access to the API call to the storage device to remove the key, which allows cryptographic erasure to be supported.

The erasure software verifies that the encryption has removed the old key and replaced it with a new key, making the data encrypted using the previous key unrecoverable.

The erasure software must also produce a tamper-proof certificate, that contains information about the successful removal of the encryption key, along with information about the device and erasure standard used.

In Securaze, we consider the cryptographic erasure as the bare minimum. The reason for that is that this way, you actually rely on the vendor. There were cases both for mobile and for SSD erasure where it was possible to retrieve the crypto-key after the cryptographic erasure has been performed. For high security, we always suggest using the SEC-2021-SSD Performance standard, or for mobile erasure - the Advanced erasure.

Mobile:
Our Data Clear is using the vendor's factory reset.
For iOS, that is throwing away the crypto keys - as iOS storage is always encrypted.
For Android, it's not mandatory that the storage is encrypted - so if encrypted, a cryptographic erasure is performed.

SSD:
There are several erasure methods which use cryptographic erasure - e.g. the NIST 800-88 R1 Clear. Securaze uses it to compliment the SEC-2021-SSD Performance standard, but not trusting it alone - it's just an additional fallback.

 Related articles