Data Node Encrypted File System: Efficient Secure Deletion for Flash Memory
Joel Reardon, ETH Zurich
August 14, 2012, 2:00pm, in DC 2585
We propose the Data Node Encrypted File System (DNEFS), which uses on-the-fly encryption and decryption of file system data nodes to efficiently and securely delete data on flash memory systems. DNEFS is a generic modification of existing flash file systems or controllers that enables secure data deletion while preserving the underlying systems' desirable properties: application-independence, fine-grained data access, wear-levelling, and efficiency.
We describe DNEFS both abstractly and in the context of the flash file system UBIFS. We propose UBIFSec, which integrates DNEFS into UBIFS. We implement UBIFSec by extending UBIFS's Linux implementation and we integrate UBIFSec in the Android operating system running on a Google Nexus One smartphone. We show that it is efficient and usable; Android OS and applications (including video and audio playback) run normally on top of UBIFSec. To the best of our knowledge, this work presents the first comprehensive and fully-implemented secure deletion solution that works within the specification of flash memory.
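As an added illustration, not code from the talk or from the UBIFSec implementation, the following Python model shows the mechanism the abstract describes: each data node is encrypted under its own key, deleting a node means discarding its key instead of erasing the (unerasable-in-place) flash holding the ciphertext, and the keys live in a small key storage area that can be rewritten to a fresh erase block. The key storage area layout, the purge step and the SHA-256 stream cipher stand-in are assumptions of this model, not details taken from the abstract.

```python
import hashlib
import os

def stream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher: SHA-256 counter-mode keystream XORed with data.
    Used only so the model runs on the standard library (assumption)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], ks))
    return bytes(out)

class DNEFSModel:
    """Constructed model: one key per data node, keys kept in erase-block
    sized key storage; deletion drops the key, the ciphertext is never erased."""
    def __init__(self):
        self.data_nodes = {}        # node id -> ciphertext left on flash forever
        self.key_blocks = {0: {}}   # erase block id -> {node id: key}
        self.current_block = 0
        self.pending_delete = set() # keys to drop at the next purge
        self.next_id = 0

    def write(self, plaintext: bytes) -> int:
        node = self.next_id
        self.next_id += 1
        key = os.urandom(16)        # fresh key for this data node only
        self.key_blocks[self.current_block][node] = key
        self.data_nodes[node] = stream_xor(key, plaintext)
        return node

    def read(self, node: int) -> bytes:
        # Decrypt on the fly; raises KeyError once the key has been purged.
        return stream_xor(self.key_blocks[self.current_block][node], self.data_nodes[node])

    def delete(self, node: int) -> None:
        """Logical deletion only: the key stays on flash until purge()."""
        self.pending_delete.add(node)

    def purge(self) -> None:
        """Secure deletion: copy live keys to a new erase block, erase the old."""
        old = self.current_block
        self.current_block += 1
        self.key_blocks[self.current_block] = {
            n: k for n, k in self.key_blocks[old].items() if n not in self.pending_delete}
        del self.key_blocks[old]    # whole-block erase removes the dropped keys
        self.pending_delete.clear()

    def recoverable(self, node: int) -> bool:
        """Could a reader of the raw flash chips still find this node's key?"""
        return any(node in block for block in self.key_blocks.values())
```

Between delete() and purge() the node is still recoverable from the raw flash, which is why the purge interval bounds how long deleted data lingers.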
Joel Reardon is a PhD student at ETH Zurich. He received his Bachelor's and Master's degrees at the University of Waterloo. His PhD thesis research is on the secure deletion of data: how to ensure that sensitive data, once deleted, is actually unavailable, even to the users themselves. This is an intuitive problem, and one at the core of many higher-level security protocols, which assume that certain sensitive values are securely deleted in order to obtain useful security properties such as forward secrecy.