Secure Data Deletion from Persistent Media

Authors: Joel Reardon, Hubert Ritzdorf, David Basin, and Srdjan Čapkun
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

Abstract

Secure deletion is the task of deleting data irrecoverably from a physical medium. In this work, we present a general approach to the design and analysis of secure deletion for persistent storage that relies on encryption and key wrapping. We define a key disclosure graph that models the adversarial knowledge of the history of key generation and wrapping. We introduce a generic update function and prove that it achieves secure deletion of data against a coercive attacker; instances of the update function implement the update behaviour of all arborescent data structures including B-Trees, extendible hash tables, linked lists, and others. We implement a B-Tree instance of our solution. Our implementation is at the block-device layer, allowing any block-based file system to be used on top of it. Using different workloads, we find that the storage and communication overhead required for storing and retrieving B-Tree nodes is small and that this therefore constitutes a viable solution for many applications requiring secure deletion from persistent media. © 2013 ACM.

People

Dr. Joel Reardon
Doctoral Student (2010 – 2015)
Assistant Professor, University of Calgary

Dr. Hubert Ritzdorf
Doctoral Student (2012 – 2017)
CTO, ChainSecurity

BibTeX

@inproceedings{reardon2013secure,
  author    = {Reardon, Joel and Ritzdorf, Hubert and Basin, David and Capkun, Srdjan},
  title     = {{Secure Data Deletion from Persistent Media}},
  booktitle = {Proceedings of the 2013 ACM SIGSAC conference on Computer {\&} communications security},
  address   = {Berlin, Germany},
  year      = 2013,
  month     = nov,
  publisher = {Association for Computing Machinery},
  doi       = {10.1145/2508859.2516699},
  url       = {https://doi.org/10.1145/2508859.2516699}
}

Research Collection: 20.500.11850/74089