[cryptography] Deleting data on a flash?

ianG iang at iang.org
Mon Sep 23 04:02:45 EDT 2013

On 23/09/13 07:12 AM, Dev Random wrote:
> I've been thinking about this for a while now and I don't see a way to
> do this with today's mobile devices without some external help.
> The issue is that it's pretty much impossible to delete data securely
> from a flash device.

Why is that?

> That means that in order to guarantee PFS, you
> have to store the keys in memory only.  But again, in a mobile
> environment, you don't have access to stable memory either, because of
> the OS restarting your app, or the device itself rebooting.
> Let's call this the persistence/deletion issue.
> So, I submit that PFS in async messaging is impossible without help from
> some kind of ephemeral, yet persistent storage.  A possible solution
> might be to store a portion of the key material (through Shamir's secret
> sharing) on servers that you partially trust.

(I agree with the difficulty in general.  Stating anything like PFS in 
the context of a protocol makes less sense if one considers that the 
clients either end save the messages.)


More information about the cryptography mailing list