Movatterモバイル変換

[0]ホーム

Jump to content

Zeroisation

Add links

From Wikipedia, the free encyclopedia

(Redirected fromZeroize)

Clearing the memory of a cryptographic device

"Emergency Erase" (АВАРИЙНОЕ СТИРАНИЕ) switch, zeroize inNSA parlance, on a cryptographic device of the SovietStrategic Rocket Forces

Incryptography,zeroisation (also spelledzeroization) is the practice of erasing sensitive parameters (electronically stored data,cryptographic keys, andcritical security parameters) from a cryptographic module to prevent their disclosure if the equipment is captured. This is generally accomplished by altering or deleting the contents to prevent recovery of the data.^[1]

Mechanical

[edit]

Whenencryption was performed bymechanical devices, this would often mean changing all the machine's settings to some fixed, meaningless value, such aszero. On machines with letter settings rather thannumerals, the letter 'O' was often used instead. Some machines had a button or lever for performing this process in a single step. Zeroisation would typically be performed at the end of an encryption session to prevent accidental disclosure of the keys, or immediately when there was a risk of capture by an adversary.^[2]

Software

[edit]

In modernsoftware based cryptographic modules, zeroisation is made considerably more complex by issues such asvirtual memory,compiler optimisations^[3] and use offlash memory.^[4] Also, zeroisation may need to be applied not only to the key, but also to aplaintext and some intermediate values. A cryptographic software developer must have an intimate understanding ofmemory management in a machine, and be prepared to zeroise data whenever a sensitive device might move outside the security boundary. Typically this will involve overwriting the data with zeroes, but in the case of some types ofnon-volatile storage the process is much more complex; seedata remanence.

As well as zeroising data due to memory management, software designers consider performing zeroisation:

When an application changes mode (e.g. to a test mode) or user;
When acomputer process changesprivileges;
On termination (including abnormal termination);
On any error condition which may indicate instability or tampering;
Upon user request;
Immediately, the last time the parameter is required; and
Possibly if a parameter has not been required for some time.

Informally, software developers may also usezeroise to mean any overwriting of sensitive data, not necessarily of a cryptographic nature.

Tamper resistant hardware

[edit]

Intamper resistant hardware, automatic zeroisation may be initiated when tampering is detected. Such hardware may be rated forcold zeroisation, the ability to zeroise itself without its normalpower supply enabled.