From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <wagner@tansi.org>
Received: from mail.saout.de ([127.0.0.1])
 by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id MAIQS3j4vN5Q for <dm-crypt@saout.de>;
 Thu, 12 Dec 2013 01:49:39 +0100 (CET)
Received: from v6.tansi.org (unknown [87.118.116.4])
 by mail.saout.de (Postfix) with ESMTP
 for <dm-crypt@saout.de>; Thu, 12 Dec 2013 01:49:39 +0100 (CET)
Received: from gatewagner.dyndns.org (77-57-44-24.dclient.hispeed.ch
 [77.57.44.24]) by v6.tansi.org (Postfix) with ESMTPA id D0D8420DC239
 for <dm-crypt@saout.de>; Thu, 12 Dec 2013 01:49:38 +0100 (CET)
Date: Thu, 12 Dec 2013 01:49:37 +0100
From: Arno Wagner <arno@wagner.name>
Message-ID: <20131212004937.GA18851@tansi.org>
References: <52A8B602.4030303@riseup.net>
 <20131211191607.GA9082@fancy-poultry.org>
 <20131211205516.GA21128@citd.de>
 <b940710a1d3dd7cd9265a69b9b5192d5.squirrel@ssl.verfeiert.org>
 <20131212002954.GA2263@citd.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20131212002954.GA2263@citd.de>
Subject: Re: [dm-crypt] Possibility for safe Luks partition delete
 functionality
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt/>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

On Thu, Dec 12, 2013 at 01:29:54 CET, Matthias Schniedermeyer wrote:
> On 12.12.2013 00:22, Sven Eschenberg wrote:
> > Well usually those SSDs don't use any ecryption key, as long as you don't
> > use a HDD password (supposedly). Of course they could possible create a
> > random key and then write 'zeros' during secure erase, which would
> > incidently result in random content.
> 
> As the Secure Erase on the SSD i tested only takes seconds, i would 
> assume they (optionaly) reset the key and mark all sectors for reuse in 
> the wear-leveling-table. And then erase the cells either in the 
> background or the next time they are used. IOW the data is not really 
> erase immediatly, only inaccessible by normal read commands.
> 
> > But judging from experience, it would be quite foolish to assume
> > manufactures do anything properly or the way you'd expect it ;-).
> 
> Excactly.
> There is no real way of verifying what actually happens and if it done 
> in a way that really is secure.
> 
> The "content"-key can be something like MD5(serial_no + generation_no). 
> Which looks random in each iteration, but would be easily cracked by the 
> manufacturer.

Indeed. Or the manufacturer has some kind of backdoor. That is why
I recommend several overwrites with zeros, followed by physical 
destruction for SSDs. Same, BTW, for "hybrid" drives.

Arno
-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
There are two ways of constructing a software design: One way is to make it
so simple that there are obviously no deficiencies, and the other way is to
make it so complicated that there are no obvious deficiencies. The first
method is far more difficult.  --Tony Hoare