ErasuCrypto: A Light-weight Secure Data Deletion Scheme for Solid State Drives

Authors: Chen Liu (University of Delaware), Hoda Aghaei Khouzani (University of Delaware), Chengmo Yang (University of Delaware)

Volume: 2017
Issue: 1
Pages: 132–148
DOI: https://doi.org/10.1515/popets-2017-0009

Download PDF

Abstract: Securely deleting invalid data from secondary storage is critical to protect users’ data privacy against unauthorized accesses. However, secure deletion is very costly for solid state drives (SSDs), which unlike hard disks do not support in-place update. When applied to SSDs, both erasure-based and cryptography-based secure deletion methods inevitably incur large amount of valid data migrations and/or block erasures, which not only introduce extra latency and energy consumption, but also harm SSD lifetime. This paper proposes ErasuCrypto, a light-weight secure deletion framework with low block erasure and data migration overhead. ErasuCrypto integrates both erasurebased and encryption-based data deletion methods and flexibly selects the more cost-effective one to securely delete invalid data. We formulate a deletion cost minimization problem and give a greedy heuristic as the starting point. We further show that the problem can be reduced to a maximum-edge biclique finding problem, which can be effectively solved with existing heuristics. Experiments on real-world benchmarks show that ErasuCrypto can reduce the secure deletion cost of erasurebased scheme by 71% and the cost of cryptographybased scheme by 37%, while guaranteeing 100% security by deleting all the invalid data.

Keywords: SSD, secure deletion, cost optimization

Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution-NonCommercial-NoDerivs license.