(also cryptographic erasure)
Crypto shredding definition
Crypto shredding is a technique used to securely delete data from storage devices. It uses cryptographic algorithms to render the data unreadable and irrecoverable. Unlike traditional file deletion, which only removes file pointers or metadata, crypto shredding overwrites the actual data with random or encrypted information, making it virtually impossible to recover using forensic or data recovery techniques.
Examples of crypto shredding
Implementation of crypto shredding varies depending on the specific system and security requirements. Common examples include:
- Secure deletion. When a file is deleted via crypto shredding, it’s first encrypted using strong cryptographic algorithms, and then the encryption keys are destroyed. This way, encrypted data becomes effectively irrecoverable.
- Full disk encryption (FDE). Similarly to secure file deletion, in this case, the whole hard drive or solid-state drive (SSD) is encrypted via FDE, and the encryption keys are then destroyed.
- Cloud storage encryption. Before being uploaded to a cloud storage device, data is encrypted. Then, the associated encryption keys are destroyed if the data needs to be disposed of using crypto shredding.
- Mobile device data erasure. When a mobile device (a smartphone, tablet, etc.) needs to be securely wiped before disposal or repurposing, crypto shredding is a secure way to do so.