Sanitization vs. crypto
2006-09-19
Bruce Schneier opines on NIST's proposed non-use of encryption as sanitization:
Encryption is not a generally accepted means of sanitization. The increasing power of computers decreases the time needed to crack ciphertext and therefore the inability to recover the encrypted data cannot be assured.
I have to admit that this doesn't make any sense to me. If the encryption is done properly, and if the key is properly chosen, then erasing the key -- and all copies -- is equivalent to erasing the files. And if you're using full-disk encryption, then erasing the key is equivalent to sanitizing the drive. For that not to be true means that the encryption program isn't secure.
While NIST has removed the paragraph, functionally they were correct. Bruce's position rests on too many qualifications, and he missed some more - if there were no implementation bugs in your crypto, if your key was properly generated, if you didn't escrow the key for disaster recovery (DR) somewhere it never got removed, if no known-plaintext or chosen-plaintext attacks against your encryption algorithm turn up within the life of your hard drive... just a few too many ifs.
By all means, encrypt the hard drive - it's a great practice, especially in the event your hard drive is lost. But absolutely sanitize it too if you have the opportunity.
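An added example, not from the original post or from Bruce's or NIST's text, that models the escrow-copy case above: a toy full-disk-encrypted drive where "erase the key" wipes only the on-media key, a DR copy may survive, and overwriting the media is the step that holds regardless. The SHA-256 counter-mode keystream is an assumed stand-in for a real FDE cipher, and the drive layout and secret are constructed.

```python
"""Toy full-disk-encryption model (constructed for this example): shows when
destroying the key is equivalent to sanitizing the drive and when it is not."""
import hashlib
import os


def keystream(key: bytes, nbytes: int) -> bytes:
    # SHA-256 in counter mode stands in for the real FDE cipher (assumption).
    out = b""
    ctr = 0
    while len(out) < nbytes:
        out += hashlib.sha256(key + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return out[:nbytes]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def new_drive(plaintext: bytes) -> dict:
    key = os.urandom(32)
    return {
        "data": xor(plaintext, keystream(key, len(plaintext))),
        "header_key": key,  # key material held on the drive itself
        "escrow_key": key,  # the copy the DR process tucked away somewhere
    }


def crypto_erase(drive: dict) -> None:
    drive["header_key"] = None  # what "erase the key" wipes on the media


def destroy_escrow(drive: dict) -> None:
    drive["escrow_key"] = None  # the copy people forget about


def overwrite(drive: dict) -> None:
    drive["data"] = os.urandom(len(drive["data"]))  # media sanitization


def recover(drive: dict, plaintext: bytes) -> bool:
    """True if any surviving key copy still decrypts the sectors."""
    for k in (drive["header_key"], drive["escrow_key"]):
        if k is None:
            continue
        if xor(drive["data"], keystream(k, len(drive["data"]))) == plaintext:
            return True
    return False


def scenario(destroy_escrow_copy: bool, also_overwrite: bool) -> bool:
    secret = b"constructed payroll export, not real data"
    drive = new_drive(secret)
    crypto_erase(drive)
    if destroy_escrow_copy:
        destroy_escrow(drive)
    if also_overwrite:
        overwrite(drive)
    return recover(drive, secret)
```

scenario(False, False) is the case the commentary warns about: the key was "erased" but the escrowed copy still decrypts everything.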