Protecting SSD Data Against Attacks
When a drive is broken and we have to throw it away, we want to be sure that no hackers can recover the data stored in that disk, especially in the enterprise environment where sensitive date are stored on the drive, such as financial transactions or military applications. As the SSD market is growing, the security issue must be carefully considered. Some methods used with HDDs, such as degaussian, are not applicable to SSDs, due to the different storage technique. Recent studies indicate that encryption is the necessary step to protect data stored in SSD against hackers attacks. This chapter describes the SSD security approach in comparison to HDD, then it walks the reader through the encryption world: how a cryptosystem is built, how a cryptosystem is broken, different encryption applications, and then the AES cryptosystem as it is the most used in SSDs; finally, it addresses the security applications in SSDs.
- 2.M. Wei, L.M. Grupp, F.E. Spada, S. Swanson, Reliably erasing data from flash-based solid state drives, in Usenix FAST 11 Conference (San Jose, 2011)Google Scholar
- 6.W. Diffie, M.E. Hellman, Multiuser cryptographic techniques. Fed. Inf. Process. Stand. Conf. Proc. 45, 109–112 (1979)Google Scholar
- 8.B. Schneier, Secrets and Lies: Digital Security in a Networked World (Wiley, New York, 2000)Google Scholar
- 23.Advanced Encryption Standard in Federal Information Processing Standard (FIPS) Publication 197 (2001)Google Scholar
- 24.J. Nechvatal, E. Barker, L. Bassham, W. Burr, M. Dworkin, J. Foti, E. Roback, Report on the development of the advanced encryption standard (AES), 2 Oct 2000Google Scholar