Data Recovery Possible on Securely Erased SSDs

Engineers at the University of California have published a paper stating that securely erasing data on Solid State Disks (SSDs) is difficult and often unachievable.

Researchers tested both full disk and individual file sanitisation (erasure) on numerous Flash-Based SSDs and found that current HDD security measures didn’t reliably erase the data on them. One of the key factors in this is the way data is stored in pages and blocks on SSDs and accessed as Logical Block Addresses (LBAs) by the Flash Translation Layer (FTL).

“to modify a sector, the FTL will write the new contents for the sector to another location and update the map so that the new data appears at the target LBA. As a result, the old version of the data remains in digital form in the flash memory.”

The researchers wrote a digital fingerprint on the SSDs, then tried to sanitise the drives using a variety of current HDD sanitisation techniques and found that:

  • Only 8 of the 12 SSDs tested had a built in ATA/SCSI sanitise command for securely deleting the data on the drives, and of those 8 only 4 were successful in securely deleting the test data.
  • Overwriting sanitisation methods were also attempted with some SSDs being sanitised after being completely overwritten twice. However some drives still contained original data after 20 overwriting passes, while others needed up to 140 hours to complete a single pass, making this option unreliable and undesirable.
  • Encryption of the SSDs could be the most reliable method of securing data. Once the encryption key is deleted the drive is theoretically sanitised, provided the internal storage location which hosts the encryption key is reliably sanitised itself. There is no way to verify this though, so this method is somewhat optimistic.
  • Degaussing the drives also had no effect in erasing data, as the SSDs do not use magnetic storage like their HDD counterparts.
  • Single file sanitisation was unachievable in all 12 methods tested, with remaining file information ranging from 4-75% on SSDs. This is due to the way data is stored by the FTL making it near impossible to specifically overwrite the location of the file.

“Unless the drive is encrypted, recovering remnant data from the flash is not difficult.”

The researchers have suggested some improvements to the FTL to remedy the shortcomings of SSD security, as with no reliable way to erase single files and only moderate success in sanitising entire SSDs, they aren’t currently an attractive option to security conscious users.