Encryption is not a secure data destruction solution.

Encryption ultimately is subject to side channel and back door vulnerabilities, and should not be considered a viable end-of-life data destruction solution. US-CERT (United States Computer Emergency Readiness Team) published the following alert regarding the WPA2 security protocol. Notice specifically the reference to decryption. Data is not "destroyed" unless it has either been securely erased or the media on which the data is stored has been shredded to something about the size of a particle of sand (and fine sand at that).

US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.

HIPAA Final Rules

IBM: All current encryption methods will be broken "instantly" in 5 years' time

Encryption is not a secure data destruction solution.

Western Digital's hard drive encryption is useless. Totally useless Rookie errors make it child&

HIPAA Final Rules

No tags yet.

Encryption is not a secure data destruction solution.

Featured Posts

Recent Posts

Archive

Search By Tags

Follow Us

contact us for your personalized solution

info@virtual-io.com