[cryptography] Deleting data on a flash?

Peter Gutmann pgut001 at cs.auckland.ac.nz
Mon Sep 23 04:41:05 EDT 2013


Adam Back <adam at cypherspace.org> writes:

>Apparently or so I've heard claim SSDs also offer lower level APIs to
>actually wipe physical (not logically wear-level mapped) cells, to reliably
>wipe working cells.  Anyone know about those?  They could be used where
>available and to the extent they are trusted.

What you're asking is "is there a way to bypass the FTL (flash translation 
layer) on SSDs"?  The answer is "it depends", it's going to be 
manufacturer/vendor-specific and you'd need a very deep knowledge of the 
internals of the FTL and the layout formats it uses to make use of the 
capability.  If you just want a blank "erase everything" then that's already 
present as the ATA Secure Erase command, you just need to find an SSD that 
gets it right, i.e. that does actually erase all flash when you send it the 
command and that doesn't brick itself in the process (see e.g. 
https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase).  Or you can get one 
of the notoriously flaky SSD models like the Intel 320 and just wait for your 
data to go away all by itself.

(That would make for an interesting plausible-deniability defence, "yes of 
course all the data's gone, look at the model number of the SSD").

Peter.
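
An added example, not part of the original post: one way to check the "does actually erase all flash" condition as far as the logical interface allows, by reading a drive or image back after an ATA Secure Erase and counting sectors that still hold data. It assumes 512-byte sectors and that erased sectors read back as all 0x00 or all 0xFF; the function names are hypothetical. A clean result only rules out a drive that reports success while still returning old data, it says nothing about cells hidden behind the FTL.

```python
import os
import tempfile

SECTOR = 512  # assumed logical sector size


def is_blank(buf):
    """True if buf is one repeated byte and that byte is 0x00 or 0xFF."""
    return buf[:1] in (b"\x00", b"\xff") and buf.count(buf[:1]) == len(buf)


def scan_for_residue(path, sector=SECTOR, chunk_sectors=2048, max_report=8):
    """Read a device or image end to end through the logical interface.

    Returns (sectors_read, residue_sectors, first_offsets), where residue is
    any sector that is not uniformly 0x00 or 0xFF (assumed erased patterns).
    """
    total = residue = pos = 0
    offsets = []
    with open(path, "rb") as dev:
        while True:
            buf = dev.read(sector * chunk_sectors)
            if not buf:
                break
            total += -(-len(buf) // sector)  # a short tail counts as a sector
            if not is_blank(buf):  # per-sector pass only for non-uniform chunks
                for i in range(0, len(buf), sector):
                    if not is_blank(buf[i:i + sector]):
                        residue += 1
                        if len(offsets) < max_report:
                            offsets.append(pos + i)
            pos += len(buf)
    return total, residue, offsets


def demo():
    """Constructed 64-sector image: zeros, one 0xFF sector, one leftover sector."""
    img = bytearray(64 * SECTOR)
    img[20 * SECTOR:21 * SECTOR] = b"\xff" * SECTOR
    img[10 * SECTOR:10 * SECTOR + 14] = b"leftover data!"
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(img)
    try:
        return scan_for_residue(f.name, chunk_sectors=16)
    finally:
        os.unlink(f.name)


if __name__ == "__main__":
    print(demo())
```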

