research-article

Secure data deletion from persistent media

Authors:

Hubert Ritzdorf,

Srdjan CapkunAuthors Info & Claims

CCS '13: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

Pages 271 - 284

https://doi.org/10.1145/2508859.2516699

Published: 04 November 2013 Publication History

Abstract

Secure deletion is the task of deleting data irrecoverably from a physical medium. In this work, we present a general approach to the design and analysis of secure deletion for persistent storage that relies on encryption and key wrapping. We define a key disclosure graph that models the adversarial knowledge of the history of key generation and wrapping. We introduce a generic update function and prove that it achieves secure deletion of data against a coercive attacker; instances of the update function implement the update behaviour of all arborescent data structures including B-Trees, extendible hash tables, linked lists, and others. We implement a B-Tree instance of our solution. Our implementation is at the block-device layer, allowing any block-based file system to be used on top of it. Using different workloads, we find that the storage and communication overhead required for storing and retrieving B-Tree nodes is small and that this therefore constitutes a viable solution for many applications requiring secure deletion from persistent media.

References

[1]

Laszlo A. Bélády. A study of replacement algorithms for virtual-storage computer. IBM Systems Journal, 5(2):78--101, 1966.

Digital Library

[2]

Dan Boneh and Richard J. Lipton. A Revocable Backup System. In USENIX Security Symposium, pages 91--96, 1996.

Digital Library

[3]

Nikita Borisov, Ian Goldberg, and Eric Brewer. Off-the-record communication, or, why not to use PGP. In ACM workshop on Privacy in the electronic society, pages 77--84, 2004.

Digital Library

[4]

Christian Cachin, Kristiyan Haralambiev, Hsu-Chun Hsiao, and Alessandro Sorniotti. Policy-based Secure Deletion. Cryptology ePrint Archive, Report 152, 2013.

[5]

Douglas Comer. The ubiquitous B-tree. ACM Computing Surveys, 11:121--137, 1979.

Digital Library

[6]

Giovanni Di Crescenzo, Niels Ferguson, Russell Impagliazzo, and Markus Jakobsson. How to Forget a Secret. In STACS, Lecture Notes in Computer Science, pages 500--509. Springer, 1999.

Digital Library

[7]

Sarah M. Diesburg and An-I Andy Wang. A survey of confidential data storage and deletion methods. ACM Computing Surveys, 43(1):1--37, 2010.

Digital Library

[8]

Ronald Fagin, Jurg Nievergelt, Nicholas Pippenger, and H. Raymond Strong. Extendible hashing--a fast access method for dynamic files. ACM Trans. Database Syst., 4(3):315--344, 1979.

Digital Library

[9]

Simson Garfinkel and Abhi Shelat. Remembrance of Data Passed: A Study of Disk Sanitization Practices. IEEE Security & Privacy, pages 17--27, January 2003.

Digital Library

[10]

Roxana Geambasu, Tadayoshi Kohno, Amit A. Levy, and Henry M. Levy. Vanish: increasing data privacy with self-destructing data. In USENIX Security Symposium, pages 299--316, 2009.

Digital Library

[11]

Peter Gutmann. Secure Deletion of Data from Magnetic and Solid-State Memory. In USENIX Security Symposium, pages 77--89, 1996.

Digital Library

[12]

McDougall, R. and Mauro, J. FileBench. www.solarisinternals.com/si/tools/filebench/, 2005.

[13]

Ralph C. Merkle. A certified digital signature. In Proceedings on Advances in Cryptology, CRYPTO '89, pages 218--238. Springer-Verlag New York, Inc., 1989.

Digital Library

[14]

Mike Mesnier, Gregory R. Ganger, and Erik Riedel. Object-Based Storage. Communications Magazine, IEEE, 41(8):84--90, 2003.

Digital Library

[15]

Einar Mykletun, Maithili Narasimha, and Gene Tsudik. Providing authentication and integrity in outsourced databases using Merkle hash trees. Technical report, University of California Irvine, 2003.

[16]

Radia Perlman. The Ephemerizer: Making Data Disappear. Technical report, Sun Microsystems, 2005.

Digital Library

[17]

Joel Reardon, David Basin, and Srdjan Capkun. SoK: Secure Data Deletion. In IEEE Symposium on Security and Privacy, 2013.

Digital Library

[18]

Joel Reardon, Srdjan Capkun, and David Basin. Data Node Encrypted File System: Efficient Secure Deletion for Flash Memory. In USENIX Security Symposium, pages 333--348, 2012.

Digital Library

[19]

Ohad Rodeh. B-trees, shadowing, and clones. Trans. Storage, 3(4):2:1--2:27, 2008.

Digital Library

[20]

Yang Tang, Patrick P. C. Lee, John C. S. Lui, and Radia Perlman. FADE: Secure Overlay Cloud Storage with File Assured Deletion. In SecureComm, pages 380--397, 2010.

[21]

W. T. Tutte. Graph Theory. Encyclopedia of Mathematics and its Applications. Addison-Wesley Publishing Company, 1984.

[22]

Scott Wolchok, Owen S. Hoffman, Nadia Henninger, Edward W. Felten, J. Alex Haldermann, Christopher J. Rossback, Brent Waters, and Emmet Witchel. Defeating Vanish with Low-Cost Sybil Attacks Against Large DHTs. In Proc.\ 17th Network and Distributed System Security Symposium, February 2010.

Cited By

Ratliff ZGoh WWieland AMickens JWilliams R(2024)Holepunch: Fast, Secure File Deletion with Crash Consistency2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00237(2705-2721)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00237
Yang LLi CWei TZhang FMa JXiong N(2022)Vacuum: Efficient and Assured Deletion Scheme for User Sensitive Data on Mobile DevicesIEEE Internet of Things Journal10.1109/JIOT.2021.31195149:12(10093-10107)Online publication date: 15-Jun-2022
https://doi.org/10.1109/JIOT.2021.3119514
Bienstock ADodis YTang Y(2022)Multicast Key Agreement, RevisitedTopics in Cryptology – CT-RSA 202210.1007/978-3-030-95312-6_1(1-25)Online publication date: 29-Jan-2022
https://doi.org/10.1007/978-3-030-95312-6_1
Show More Cited By

Index Terms

Secure data deletion from persistent media
1. Information systems
  1. Information storage systems
    1. Storage management
2. Software and its engineering
  1. Software organization and properties
    1. Contextual software domains
      1. Operating systems
        File systems management
        Memory management

Recommendations

Policy-based secure deletion
CCS '13: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

Securely deleting data from storage systems has become difficult today. Most storage space is provided as a virtual resource and traverses many layers between the user and the actual physical storage medium. Operations to properly erase data and wipe ...
Secure deletion myths, issues, and solutions
StorageSS '06: Proceedings of the second ACM workshop on Storage security and survivability

This paper has three goals. (1) We try to debunk several held misconceptions about secure deletion: that encryption is an ideal solution for everybody, that existing data-overwriting tools work well, and that securely deleted files must be overwritten ...
Password-based single-file encryption and secure data deletion for solid-state drive
ICUIMC '14: Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication

Recently, SSD sales are on the steady rise. The reason of sales is that SSD is faster and smaller than HDD. Therefore SSD serves as a typical alternative to HDD. In fact, SSD considerably emulates the technology of HDD such as the communication protocol ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '13: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

November 2013

1530 pages

ISBN:9781450324779

DOI:10.1145/2508859

General Chair:
Ahmad-Reza Sadeghi
TU Darmstadt, CASED, Intel ICRI-SC, Germany
,
Program Chairs:
Virgil Gligor
Carnegie Mellon University, USA
,
Moti Yung
Columbia University, USA

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 November 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS'13

Sponsor:

SIGSAC

CCS'13: 2013 ACM SIGSAC Conference on Computer and Communications Security

November 4 - 8, 2013

Berlin, Germany

Acceptance Rates

CCS '13 Paper Acceptance Rate 105 of 530 submissions, 20%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

29
Total Citations
View Citations
818
Total Downloads

Downloads (Last 12 months)30
Downloads (Last 6 weeks)3

Reflects downloads up to 01 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Ratliff ZGoh WWieland AMickens JWilliams R(2024)Holepunch: Fast, Secure File Deletion with Crash Consistency2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00237(2705-2721)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00237
Yang LLi CWei TZhang FMa JXiong N(2022)Vacuum: Efficient and Assured Deletion Scheme for User Sensitive Data on Mobile DevicesIEEE Internet of Things Journal10.1109/JIOT.2021.31195149:12(10093-10107)Online publication date: 15-Jun-2022
https://doi.org/10.1109/JIOT.2021.3119514
Bienstock ADodis YTang Y(2022)Multicast Key Agreement, RevisitedTopics in Cryptology – CT-RSA 202210.1007/978-3-030-95312-6_1(1-25)Online publication date: 29-Jan-2022
https://doi.org/10.1007/978-3-030-95312-6_1
Ren ZLi XWang LXu STong YTang J(2021)Minimal key set of binary key-derivation tree in cloud storageSoft Computing10.1007/s00500-021-06065-w27:2(1177-1188)Online publication date: 3-Aug-2021
https://doi.org/10.1007/s00500-021-06065-w
Wani M(2021)Privacy Preserving Anti-forensic TechniquesMultimedia Security10.1007/978-981-15-8711-5_5(89-108)Online publication date: 12-Jan-2021
https://doi.org/10.1007/978-981-15-8711-5_5
Bienstock ADodis YYeo K(2021)Forward Secret Encrypted RAM: Lower Bounds and ApplicationsTheory of Cryptography10.1007/978-3-030-90456-2_3(62-93)Online publication date: 4-Nov-2021
https://doi.org/10.1007/978-3-030-90456-2_3
Meng WGe JJiang T(2019)Secure Data Deduplication with Reliable Data Deletion in CloudInternational Journal of Foundations of Computer Science10.1142/S012905411940012430:04(551-570)Online publication date: 2-Jul-2019
https://doi.org/10.1142/S0129054119400124
Karim YSatvat KHosseini MHasan R(2019)PurgeMEM: Towards Building A Memory Safe Cloud2019 SoutheastCon10.1109/SoutheastCon42311.2019.9020635(1-8)Online publication date: Apr-2019
https://doi.org/10.1109/SoutheastCon42311.2019.9020635
Zhang QJia SChang BChen B(2018)Ensuring data confidentiality via plausibly deniable encryption and secure deletion – a surveyCybersecurity10.1186/s42400-018-0005-81:1Online publication date: 5-Jun-2018
https://doi.org/10.1186/s42400-018-0005-8
Onarlioglu KRobertson WKirda E(2018)Eraser: Your Data Won't Be Back2018 IEEE European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP.2018.00019(153-166)Online publication date: Apr-2018
https://doi.org/10.1109/EuroSP.2018.00019
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents