Disk sanitization using encryption

US 20060143476A1
Filed: 12/05/2005
Published: 06/29/2006
Est. Priority Date: 12/14/2004
Status: Active Grant

First Claim

Patent Images

1. A method of disk sanitization comprising:

encrypting data stored on a disk, including a set of blocks, by using a first encryption key; and

in response to a request to delete the set of blocks, re-encrypting blocks stored on the disk other than the set of blocks, by using a second encryption key, and not re-encrypting the set of blocks; and

deleting the first encryption key.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A technique for sanitizing data storage devices, such as magnetic disks, is disclosed. Logical data storage units such as files or portions thereof may be individually deleted and sanitized on a disk. A disk is divided into physical disk regions, each comprising one or more blocks. The contents of the disk are encrypted using a separate encryption key for each physical disk region. If a file or other data structure located in a first disk region and encrypted using a first encryption key is to be deleted, the logical portions (i.e., blocks) of that region that do not belong to the file are re-encrypted using a second encryption key, and the first encryption key is deleted.

Citations

21 Claims

1. A method of disk sanitization comprising:
- encrypting data stored on a disk, including a set of blocks, by using a first encryption key; and
  
  in response to a request to delete the set of blocks, re-encrypting blocks stored on the disk other than the set of blocks, by using a second encryption key, and not re-encrypting the set of blocks; and
  
  deleting the first encryption key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the disk comprises a plurality of regions, and wherein said encrypting data stored on the disk comprises encrypting each of the plurality of regions with a different encryption key.
  - 3. The method of claim 1, wherein deleting the first encryption key comprises:
    - overwriting the first encryption key.
  - 4. The method of claim 3, wherein overwriting the first encryption key comprises:
    - overwriting a portion of a cryptographic key database including the first encryption key, wherein the cryptographic key database is encrypted using a master key.
  - 5. The method of claim 1, wherein re-encrypting blocks stored on the disk other than the set of blocks comprises using a cryptographic module.
  - 6. The method of claim 1, wherein the set of blocks comprises a file.
  - 7. The method of claim 1, wherein re-encrypting blocks stored on the disk other than the set of blocks comprises:
    - decrypting blocks stored on the disk other than the set of blocks, by using the first encryption key; and
      
      encrypting the blocks stored on the disk other than the set of blocks, by using the second encryption key.
  - 8. The method of claim 1, further comprising marking the set of blocks so that the first disk region may be overwritten.
  - 9. The method of claim 1, wherein the set of blocks represents a file.
  - 10. The method of claim 1, wherein the set of blocks represents a portion of a file.

11. A system to perform disk sanitization, the system comprising:
- a disk including data encrypted using a first encryption key; and
  
  a processor configured to respond to a command to delete a first set of encrypted blocks on the disk, the first set of encrypted blocks representing a file or a portion thereof, by;
  
  decrypting blocks on the disk other than the first set of encrypted blocks, using a second encryption key to re-encrypt the blocks on the disk other than the first set of encrypted blocks, and not decrypting the first set of encrypted blocks, and deleting the first encryption key.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The system of claim 11, wherein the disk comprises a plurality of regions, and wherein the processor is further configured to encrypt data stored on the disk by encrypting each of the plurality of regions with a different encryption key, and wherein the first set of blocks is contained within a single region of the plurality of regions.
  - 13. The system of claim 11, wherein the processor is at least part of a cryptographic module.
  - 14. The system of claim 11, wherein the first and second cryptographic keys are stored in a cryptographic key database on the disk.
  - 15. The system of claim 14, wherein the processor deletes the first encryption key by performing a media overwrite of the first encryption key.
  - 16. The system of claim 15, wherein the media overwrite is a single pass overwrite.
  - 17. The system of claim 14, wherein the cryptographic database is encrypted using a master key.
  - 18. The system of claim 17, wherein the master key is accessible to the cryptographic module.

19. A method for performing media sanitization of a disk that includes a plurality of regions, the method comprising:
- encrypting data on the disk by using a different encryption key to encrypt each of the plurality of regions, the data on the disk including a file, wherein said encrypting includes encrypting the file using a first encryption key;
  
  storing the first encryption key in a cryptographic key database;
  
  receiving a command to delete the file; and
  
  in response to the command to delete the file, identifying a first set of blocks on the disk which belong to the file and a second set of blocks on the disk which do not belong to the file;
  
  re-encrypting the second set of blocks by using a second encryption key and not re-encrypting the first set of blocks; and
  
  deleting the first encryption key by overwriting a portion of the cryptographic key database corresponding to the first encryption key.
- View Dependent Claims (20, 21)
- - 20. The method of claim 19, further comprising:
    - encrypting the cryptographic key database using a master key.
  - 21. The method of claim 19, further comprising:
    - marking the first set of blocks so that the first set of blocks may be overwritten.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NetApp, Inc.
Original Assignee
NetApp, Inc.
Inventors
McGovern, William P.

Granted Patent

US 7,581,118 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/191
CPC Class Codes

G06F 21/6218   to a system of files or obj...

G06F 2221/2143   Clearing memory, e.g. to pr...

G11B 20/00086   Circuits for prevention of ...

G11B 20/00507   wherein consecutive physica...

G11B 20/00666   involving a step of erasing...

G11B 20/00673   wherein the erased or nulli...

G11B 20/00695   said measures preventing th...

G11B 20/10   Digital recording or reprod...

Disk sanitization using encryption

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Disk sanitization using encryption

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links