Moorepay logo Cutting edge payroll software
  • Powerful and easy to use
  • HMRC & RTI compliant
  • Used by payroll pros
Pipedrive logo The CRM platform to grow your business
  • Great for entrepreneurs
  • Powerful data analytics
  • Manage sales and data
Wix logo Powerful web builder and advanced business tools
  • Great for startups
  • Powerful web page builder
  • E-commerce available
Planable logo Supercharged content planning
  • Great for marketing
  • Better than lists or sheets
  • Manage social media
Webador logo Create a new website in 10 minutes. Easy.
  • Launch your website fast
  • Powerful data intuitive
  • No coding skills needed


Cryptographic erasure – everything you need to know

Updated on 14 December 2023

Cryptographic erasure, or crypto erase, is a process of securely deleting data from a storage device using cryptography. It is one of several methods for achieving data sanitisation. By overwriting data with cryptographic keys and algorithms, it can be made virtually impossible to recover even with specialised software and hardware tools.

Crypto erase is seen as a more secure alternative to traditional deletion methods such as formatting or simply deleting files. When done correctly, it can render data inaccessible even to forensic analysts. However, like all data sanitisation techniques, it is not 100% foolproof and should be used in conjunction with other security measures.

What is cryptographic erasure?

Cryptographic erasure is a process of securely deleting data from a storage device. The data is first encrypted, and then the encryption key is destroyed. This makes it impossible to recover the data. In the realm of data security, teams that develop NFT tokens often employ cryptographic erasure techniques to ensure the integrity and uniqueness of their digital assets. Crypto erase can be used on any type of storage device, including hard drives, SSDs, USB drives, and memory cards.

Moorepay logo Cutting edge payroll software
  • Powerful and easy to use
  • HMRC & RTI compliant
  • Used by payroll pros
Pipedrive logo The CRM platform to grow your business
  • Great for entrepreneurs
  • Powerful data analytics
  • Manage sales and data
Wix logo Powerful web builder and advanced business tools
  • Great for startups
  • Powerful web page builder
  • E-commerce available
Planable logo Supercharged content planning
  • Great for marketing
  • Better than lists or sheets
  • Manage social media
Webador logo Create a new website in 10 minutes. Easy.
  • Launch your website fast
  • Powerful data intuitive
  • No coding skills needed

Cryptographic erasure is a useful tool for data sanitisation. It can help you ensure that your data is irrecoverably deleted, and that it cannot be accessed or used by anyone else. Crypto erase may also help you comply with data privacy regulations, such as GDPR.

How does cryptographic erasure work?

The first step is to encrypt the data. This can be done using any type of encryption algorithm. The algorithm should be at least 128bits but ideally 256bits, you can read more about algorithms here. Once the data is encrypted, the encryption key is destroyed. This makes it impossible to decrypt the data, and therefore to recover it.

It is also a lot quicker than overwriting data, and it does not require specialised equipment. However, the time taken to complete cryptographic erasure will depend on the size of the storage device and the amount of data that needs to be erased.

Pros and Cons

Here is a list of pros:

  • A very secure way to delete data – Once the data is encrypted and the encryption key is destroyed, it cannot be recovered. This makes it an ideal solution for businesses that need to ensure a quick secure solution
  • Used on any type of storage device – This gives your organisation the flexibility and luxury of being able to respond quickly and efficiently when it comes time to wipe your devices.
  • Quicker than overwriting data – It can save you time and money and it does not require specialised equipment.
  • Short-term solution – When devices are in transit or require a speedy sanitisation it gives you the flexibility to do this.

Here is a list of cons:

  • Users can impact the success of cryptographic erasure – This happens through human errors and broken keys.
  • Doesn’t always meet regulatory compliance requirements – Because it does not include the steps of verification and certification.
  • Only valuable for drives that are encrypted by default – Devices need to have encryption available to them and it doesn’t do data destruction to fully remove data, meaning recovery is sometimes possible.
  • Backup keys may not be deleted – Even when a primary crypto erase key is deleted, there are often more backups to that key, which could leave your data open to bad actors.
  • Fast pace of technological development – This could render many encryption methods unreliable in a few years’ time, especially if quantum computing becomes a reality.

Is cryptographic erasure the right solution for your company?

It depends on your needs and requirements. If you need to ensure compliance with data privacy regulations, then cryptographic erasure may not be the right option. It is important to look at whether the regulations that apply to your organisation allow for cryptographic erasure. As technology is developing rapidly it is important to consider future proofing your data, encryption may leave your organisation susceptible to future problems. Another form of data destruction such as degaussing or shredding your device may be more appropriate.

FAQ

What is cryptographic erasure?

It is a process of securely deleting data from a storage device. The data is first encrypted, and then the encryption key is destroyed. This makes it impossible to recover the data. Crypto erase can be used on any type of storage device, including hard drives, SSDs, USB drives, and memory cards.

What are the benefits of cryptographic erasure?

Cryptographic erasure is a very secure way to delete data. Once the data is encrypted and the encryption key is destroyed, it cannot be recovered. This makes it an ideal solution for businesses that need to ensure compliance with data privacy regulations. Another benefit is that it can be used on any type of storage device.

What are the disadvantages of cryptographic erasure?

It doesn’t always meet regulatory compliance requirements because it does not include the steps of verification and certification. Even when a primary Crypto Erase key is deleted, there are often more backups to that key. The unpredictable pace of technological development could render many encryption methods unreliable in a few years’ time

Is cryptographic erasure the right solution for my company?

It depends on your needs and requirements. If you need to ensure compliance with data privacy regulations, then cryptographic erasure may not be the right option. It is important to look at whether the regulations that apply to your organisation allow for cryptographic erasure. However, another solution such as data destruction may be more appropriate.

What are the steps involved in cryptographic erasure?

The first step is to encrypt the data using any type of encryption algorithm. Once the data is encrypted, the encryption key is destroyed. This makes it impossible to recover the data.

How long does cryptographic erasure take?

It is a lot quicker than overwriting data, and it does not require specialised equipment. However, the time taken to complete cryptographic erasure will depend on the size of the storage device and the amount of data that needs to be erased.

Reviewed by , Managing Director

Compare prices ⓘ