"The effectiveness of cryptographic sanitization relies on the security of the encryption system used (e.g. AES), as well as the designer's ability to eliminate "side channel" attacks that might allow an adversary to extract the key or otherwise bypass the encryption," the UCSD researchers wrote in their paper.
AES, or Advanced Encryption Standard, is the successor to the older DES (Data Encryption Standard). The U.S. government uses the standard at its 128-bit and 256-bit strengths to encrypt secret and top-secret-level documents, respectively.
But it's not enough to offer only AES encryption; much depends on how the encryption is deployed.
That's important in part because users don't always want to use passwords as long as needed for effective key generation. If a user chooses a password with fewer characters than would make a 128-bit or 256-bit key (one character = 8 bits, so we're talking about passwords of 16 or 32 characters, respectively), the remaining characters often automatically become zeros.
In such cases, said Charles Kolodgy, research director for secure content and threat management products at IDC, the password can more easily be guessed.
Kolodgy recommends users create a passphrase rather than a password. "The first step is to take care of 90% of the users out there," Kolodgy says. After that, the best solution is to have a random password character generator on the drive.
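An added example, not from the article or the UCSD paper: the zero-fill behavior described above placed next to a salted key-derivation function and a randomly generated key, with an estimate of how many of the 128 key bits a password of a given length can actually control. The function names, the 95-symbol printable-ASCII alphabet, the sample password and the PBKDF2 parameters are assumptions chosen for illustration.

```python
import hashlib
import math
import secrets

KEY_BYTES = 16  # AES-128 key length in bytes


def zero_padded_key(password: str) -> bytes:
    """Weak scheme: password bytes used directly as the key, zero-filled."""
    raw = password.encode("ascii")[:KEY_BYTES]
    return raw.ljust(KEY_BYTES, b"\x00")


def password_controlled_bits(length: int, alphabet: int = 95) -> float:
    """Upper bound on the key bits a password can supply, assuming each
    character is drawn uniformly from `alphabet` symbols (95 = printable
    ASCII, an assumption), capped at the key size."""
    return min(length * math.log2(alphabet), KEY_BYTES * 8)


def kdf_key(password: str, salt: bytes, iterations: int = 600_000) -> bytes:
    """Salted PBKDF2-HMAC-SHA256 (illustrative parameters). It adds no
    entropy, but it removes the zero-filled structure and makes every
    password guess cost `iterations` hash computations."""
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, iterations, dklen=KEY_BYTES
    )


def random_key() -> bytes:
    """Key from the OS CSPRNG: all 128 bits are unpredictable."""
    return secrets.token_bytes(KEY_BYTES)


if __name__ == "__main__":
    pw = "Summer24"  # constructed sample password, 8 characters
    salt = secrets.token_bytes(16)
    print("zero-padded:", zero_padded_key(pw).hex())
    print("pbkdf2     :", kdf_key(pw, salt).hex())
    print("random     :", random_key().hex())
    for n in (8, 12, 16, 20):
        print(f"{n:2d} chars -> at most {password_controlled_bits(n):5.1f} of 128 bits")
```

The estimate is an upper bound: passwords people actually choose are far from uniformly random, which is why a longer passphrase or a generated key closes the gap.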
Even if your drive comes with native encryption capabilities, Schneier believes there is no way to tell whether a vendor's security is foolproof "apart from a $50,000 or $100,000 engineering effort," as he states in an essay on password security.
The UCSD researchers agreed that crypto-erasure is a good method of ensuring that an SSD can be sanitized at its end of life or when slated for re-use.
The researchers tested 12 SSDs and found that none of the available software techniques for erasing individual files is effective. They also found that erasing entire SSDs with native sanitize commands was most effective, but only when performed correctly, and that software techniques work most, but not all, of the time.
The researchers did not identify the products used in the test.
UCSD's Non-volatile Systems Laboratory designed a procedure to bypass the flash translation layer (FTL) on SSDs and directly access the raw NAND flash chips to audit the success of any given sanitization technique.