ErasuCrypto: A Light-weight Secure Data Deletion Scheme for Solid State Drives

Open access

Abstract

Securely deleting invalid data from secondary storage is critical to protect users' data privacy against unauthorized access. However, secure deletion is very costly for solid state drives (SSDs), which, unlike hard disks, do not support in-place updates. When applied to SSDs, both erasure-based and cryptography-based secure deletion methods inevitably incur a large amount of valid data migration and/or block erasures, which not only introduce extra latency and energy consumption, but also harm SSD lifetime.

This paper proposes ErasuCrypto, a light-weight secure deletion framework with low block erasure and data migration overhead. ErasuCrypto integrates both erasure-based and encryption-based data deletion methods and flexibly selects the more cost-effective one to securely delete invalid data. We formulate a deletion cost minimization problem and give a greedy heuristic as the starting point. We further show that the problem can be reduced to a maximum-edge biclique finding problem, which can be effectively solved with existing heuristics. Experiments on real-world benchmarks show that ErasuCrypto can reduce the secure deletion cost of the erasure-based scheme by 71% and the cost of the cryptography-based scheme by 37%, while guaranteeing 100% security by deleting all the invalid data.
