Protecting SSD Data Against Attacks

  • A. Marelli
  • R. Micheloni
Part of the Springer Series in Advanced Microelectronics book series (MICROELECTR., volume 37)


When a drive is broken and we have to throw it away, we want to be sure that no hackers can recover the data stored in that disk, especially in the enterprise environment where sensitive date are stored on the drive, such as financial transactions or military applications.

As the SSD market is growing, the security issue must be carefully considered. Some methods used with HDDs, such as degaussian, are not applicable to SSDs, due to the different storage technique. Recent studies indicate that encryption is the necessary step to protect data stored in SSD against hackers attacks.

This chapter describes the SSD security approach in comparison to HDD, then it walks the reader through the encryption world: how a cryptosystem is built, how a cryptosystem is broken, different encryption applications, and then the AES cryptosystem as it is the most used in SSDs; finally, it addresses the security applications in SSDs.


Hash Function Hard Disk Drive Advance Encryption Standard Encryption Method Message Authentication Code 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
  2. 2.
    M.Wei, L.M. Grupp, F.E. Spada, S. Swanson, Reliably erasing data from flash-based solid state drives, in Usenix FAST 11 Conference, San Jose, 2011Google Scholar
  3. 3.
    C. Shannon, Communication theory of secrecy systems. Bell Syst. Tech. J. 27, 379–423 (1949)MathSciNetGoogle Scholar
  4. 4.
    O. Goldreich, Foundations of Criptography: Basic Tools (Cambridge University Press, Cambridge, 2001)zbMATHCrossRefGoogle Scholar
  5. 5.
    D.R. Stinson, Cryptography: Theory and Practice (Chapman & Hall/CRC, London, 2006)zbMATHGoogle Scholar
  6. 6.
    W. Diffie, M.E. Hellman, Multiuser cryptographic techniques. Fed. Inf. Process. Stand. Conf. Proc. 45, 109–112 (1979)Google Scholar
  7. 7.
    U. Maurer, S. Wolf, The Diffie-Hellman protocol. Des. Codes Cryptogr. 19, 147–171 (2000)MathSciNetzbMATHCrossRefGoogle Scholar
  8. 8.
    B. Schneier, Secrets and Lies: Digital Security in a Networked World (Wiley, New York, 2000)Google Scholar
  9. 9.
    R.L. Rivest, A. Shamir, L. Adleman, A method for obtaining digital signatures and public key cryptosystems. Commun. ACM 21, 120–126 (1978)MathSciNetzbMATHCrossRefGoogle Scholar
  10. 10.
    A.K. Lenstra, E.R. Verheaul, Selecting cryptographic key sizes. J. Cryptolo. 14, 255–293 (2001)zbMATHGoogle Scholar
  11. 11.
    M.O. Rabin, Probabilistic algorithms for testing primality. J. Number Theory 12, 128–138 (1980)MathSciNetzbMATHCrossRefGoogle Scholar
  12. 12.
    M.J. Wiener, Cryptoanalysis of short RSA secret exponents. IEEE Trans. Inf. Theory 36, 553–558 (1990)MathSciNetzbMATHCrossRefGoogle Scholar
  13. 13.
    A.K. Lenstra, Integer factoring. Des. Codes Cryptogr. 19, 101–128 (2000)MathSciNetzbMATHCrossRefGoogle Scholar
  14. 14.
    D. Boneh, G. Durfee, Cryptoanalysis of RSA with private key d less than N0.292. IEEE Trans. Inf. Theory 46, 1339–1349 (2000)MathSciNetzbMATHCrossRefGoogle Scholar
  15. 15.
    D. Boneh, Twenty years of attacks on the RSA cryptosystem. Not. Am. Math. Soc. 46, 203–213 (1999)MathSciNetzbMATHGoogle Scholar
  16. 16.
    N. Ferguson, B. Schneier, Practical Cryptography (Wiley, New York, 2003)Google Scholar
  17. 17.
    H. Delfs, H. Knebl, Introduction to Cryptography: Principles and Applications (Springer, New York, Berlin, 2002)zbMATHGoogle Scholar
  18. 18.
    R. Churchhouse, Codes and Ciphers: Julius Caesar, the Enigma and the Internet (Cambridge University Press, Cambridge, 2002)zbMATHGoogle Scholar
  19. 19.
    M. Bellare, R. Canetti, H. Krawczyk, Keying hash function for message authentication. Lect. Notes Comput. Sci. 1109, 1–15 (1996)CrossRefGoogle Scholar
  20. 20.
    P. Preneel, P.C. Van Oorschot, On the security of iterated message authentication codes. IEEE Trans. Inf. Theory 45, 188–199 (1999)zbMATHCrossRefGoogle Scholar
  21. 21.
    D. Pointcheval, J. Stern, Security arguments for signature schemes and blind signatures. J. Cryptol. 13, 361–396 (2000)zbMATHCrossRefGoogle Scholar
  22. 22.
    T.P. Pedersen, Signing contracts and paying electronically. Lect.Notes Comp. Sci. 1561, 134–157 (1999)CrossRefGoogle Scholar
  23. 23.
    Advanced Encryption Standard in Federal Information Processing Standard (FIPS) Publication 197 (2001)Google Scholar
  24. 24.
    J. Nechvatal, E. Barker, L. Bassham, W. Burr, M. Dworkin, J. Foti, E. Roback, Report on the Development of the Advanced Encryption Standard (AES), 2 Oct 2000Google Scholar
  25. 25.
    S. Murphy, M.J.B. Robshaw, Essential algebraic structure within AES. Lect. Notes Comp. Sci. 2442, 1–16 (2002)MathSciNetCrossRefGoogle Scholar
  26. 26.
    S. Landau, Polynomials in the nation’s service: using algebra to design the Advanced Encryption Standard. Am. Math. Mon. 111, 89–117 (2004)zbMATHCrossRefGoogle Scholar
  27. 27.
    S. Landau, Standing the test of time: the data encryption standard. Not. Am. Math. Soc. 47, 341–349 (2000)zbMATHGoogle Scholar

Copyright information

© Springer Science+Business Media Dordrecht 2013

Authors and Affiliations

  1. 1.Enterprise Computing DivisionIntegrated Device TechnologyAgrate BrianzaItaly

Personalised recommendations