Fast Logic Data Destruction for Military SSD
Quick Erase which means full disk logic destruction in a few seconds to get all
data in the SSD unreadable is critical in some specific environments of military
applications.
Generally, there are following different requirements for Quick Erase, and the
implementation methods by SSD firmware are different:
1. After the Quick Erase, the disk remains visible in OS and reusable after
initialization, just all data are read as 0xFF by Winhex.
For this type of Quick Erase, the firmware normally erases AES Encryption
Key first and then resumes the mapping table to factory defaults. Erasing
Encryption Key is to ensure the data can’t be correctly restored, and resuming
the mapping table to factory defaults destructs the mapping connections
between physical and logical addresses so that the data in the SSD can’t be
correctly read.
Notes have to be taken for such Quick Erase:
If the SSD receives program commands again or there is data in SDRAM
hasn’t been written into NAND Flash during executing the Quick Erase, the
data writes into the SSD would be continued after Quick Erase, then not all
data are read as 0xFF with Winhex.
Two solutions for this: One is wiping the data in SDRAM before executing data
destruction to avoid the data in SDRAM being written into NAND Flash after
the erase. Another solution is enable the Write Protect function when
executing data destruction until power on next time, this prevents the writing
command received after executing data destruction from continuing the data
writes into SSD.
2. After Quick Erase, the SSD is invisible in OS and of course the status of the
data inside can’t be checked by software.
This can be operated under the following order:
Wipe the mapping table after erasing the encryption key, and then destruct the
firmware, in such case, the SSD can only work again after returning to factory
for re-implanting firmware.
Military SSD: www.renice-tech.com
data in the SSD unreadable is critical in some specific environments of military
applications.
Generally, there are following different requirements for Quick Erase, and the
implementation methods by SSD firmware are different:
1. After the Quick Erase, the disk remains visible in OS and reusable after
initialization, just all data are read as 0xFF by Winhex.
Key first and then resumes the mapping table to factory defaults. Erasing
Encryption Key is to ensure the data can’t be correctly restored, and resuming
the mapping table to factory defaults destructs the mapping connections
between physical and logical addresses so that the data in the SSD can’t be
correctly read.
Notes have to be taken for such Quick Erase:
If the SSD receives program commands again or there is data in SDRAM
hasn’t been written into NAND Flash during executing the Quick Erase, the
data writes into the SSD would be continued after Quick Erase, then not all
data are read as 0xFF with Winhex.
Two solutions for this: One is wiping the data in SDRAM before executing data
destruction to avoid the data in SDRAM being written into NAND Flash after
the erase. Another solution is enable the Write Protect function when
executing data destruction until power on next time, this prevents the writing
command received after executing data destruction from continuing the data
writes into SSD.
2. After Quick Erase, the SSD is invisible in OS and of course the status of the
data inside can’t be checked by software.
This can be operated under the following order:
Wipe the mapping table after erasing the encryption key, and then destruct the
firmware, in such case, the SSD can only work again after returning to factory
for re-implanting firmware.
Military SSD: www.renice-tech.com
Comments
Post a Comment