TY - GEN
T1 - NFPS
T2 - 11th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2016
AU - Jia, Shijie
AU - Xia, Luning
AU - Chen, Bo
AU - Liu, Peng
N1 - Publisher Copyright:
© 2016 ACM.
PY - 2016/5/30
Y1 - 2016/5/30
N2 - Securely removing data from modern computing systems is challenging, as past existence of the deleted data may leave artifacts in the layout at all layers of a computing system, which can be utilized by the adversary to infer information about the deleted data. Conventional overwriting-based and encryption-based solutions are not sufficient, as they cannot remove these artifacts. In this work, we aim to securely remove data from NAND ash-based block devices. We observed that completely removing the aforementioned artifacts from NAND ash is expensive, as it may require re-organizing the entire ash layout. We thus approach this security goal from a new angle. We investigate undetectable secure deletion, a novel security notion which can 1) remove the deleted data from ash devices, such that the adversary cannot have access to the deleted data once they have been removed, and 2) conceal the deletion history, such that the adversary cannot find out there was a deletion in the past. We design NAND Flash Partial Scrubbing (NFPS), the first undetectable secure deletion scheme for NAND ash-based block devices. We propose partial page reprogramming and partial block erasure methods to sanitize data from NAND ash. In addition, we incorporate NFPS to typical Flash Translation Layer (FTL) algorithms. Finally, we implement NFPS and experimentally evaluate its effectiveness.
AB - Securely removing data from modern computing systems is challenging, as past existence of the deleted data may leave artifacts in the layout at all layers of a computing system, which can be utilized by the adversary to infer information about the deleted data. Conventional overwriting-based and encryption-based solutions are not sufficient, as they cannot remove these artifacts. In this work, we aim to securely remove data from NAND ash-based block devices. We observed that completely removing the aforementioned artifacts from NAND ash is expensive, as it may require re-organizing the entire ash layout. We thus approach this security goal from a new angle. We investigate undetectable secure deletion, a novel security notion which can 1) remove the deleted data from ash devices, such that the adversary cannot have access to the deleted data once they have been removed, and 2) conceal the deletion history, such that the adversary cannot find out there was a deletion in the past. We design NAND Flash Partial Scrubbing (NFPS), the first undetectable secure deletion scheme for NAND ash-based block devices. We propose partial page reprogramming and partial block erasure methods to sanitize data from NAND ash. In addition, we incorporate NFPS to typical Flash Translation Layer (FTL) algorithms. Finally, we implement NFPS and experimentally evaluate its effectiveness.
UR - http://www.scopus.com/inward/record.url?scp=84979716029&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84979716029&partnerID=8YFLogxK
U2 - 10.1145/2897845.2897882
DO - 10.1145/2897845.2897882
M3 - Conference contribution
AN - SCOPUS:84979716029
T3 - ASIA CCS 2016 - Proceedings of the 11th ACM Asia Conference on Computer and Communications Security
SP - 305
EP - 316
BT - ASIA CCS 2016 - Proceedings of the 11th ACM Asia Conference on Computer and Communications Security
PB - Association for Computing Machinery, Inc
Y2 - 30 May 2016 through 3 June 2016
ER -