Securely wipe all data?

Joe_Koba

Maybe this info is already out there somewhere, but I didn't manage to find any.

Since the Pixel 10 series is now supported I've decided to upgrade from my old Pixel 4a. Still got a decent price reduction by returning the 4a to swap for the 10 pro. So I'm going to need to flash stock Android back to my 4a.

So my question is this: while flashing a new OS does wipe the data on the device, how "secure" is this wipe in terms of data destruction standards? Is this wipe ISO 2700 compliant and/or does it specifically apply the NIST 800-88 method? If not, any suggestions how to perform a secure full disk wipe before flashing back the stock OS?

I know the data is encrypted and "should" be totally irretrievable after flashing a new OS anyway, even if any data were to be left on the device. That's not enough. Government and corporate data is securely wiped from carriers before disposal, even if that data is encrypted, for a reason: we do not know future developments in cryptanalysis technology, so an adversary might hold on to currently irretrievable data until such technology becomes available, and the data might still be relevant at that point.

userofgos

Joe_Koba There are a few threads on this you would find with a search. See below:

You'll also find the answer on the GrapheneOS website: https://grapheneos.org/faq#encryption

Weaver also provides reliable wiping of data since the secure element can reliably wipe a Weaver slot. Deleting a profile will wipe the corresponding Weaver slot and a factory reset of the device wipes all of the Weaver slots.

de0u

Joe_Koba Government and corporate data is securely wiped from carriers before disposal, even if that data is encrypted, for a reason: we do not know future developments in cryptanalysis technology, so an adversary might hold on to currently irretrievable data until such technology becomes available, and the data might still be relevant at that point.

If that threat model applies to your Pixel 4a, I suspect the only options would be shredding it or melting it down. Presumably those will dramatically reduce the trade-in value, but addressing higher threat levels frequently involves spending more money.

Meanwhile, my quick skimming of the updated version of NIST 800-88 (link) seems to show an extended discussion of when cryptographic erasure is sufficient. I'm not sure what is meant by "the NIST 800-88 method", since it seems that there are multiple ones.

MetropleX

Joe_Koba That's not enough.

The data on GrapheneOS as with most good standard SSDs is encrypted using AES-256-XTS which is quantum resistant. It is enough.

raccoondad

userofgos haha that's me!

Joe_Koba

userofgos Thanks for that!

Sadly, unless I'm completely missing something, both of these threads can be summarized as: "no need to securely wipe because encryption" - which isn't an answer to what I'm asking.

The info on the GOS website seems more promising, but it is not entirely clear to me what that entails. What does "reliably wipe" mean in that paragraph? Also, are only the weaver tokens wiped, or is all data wiped?

secbind

Joe_Koba When flashing a factory image, the fastboot -w command is executed, which is not ISO 27001 compliant. I think the simplest process for NIST 800-88 purge compliance would be overwriting data using ADB.

raccoondad

Joe_Koba Also, are only the weaver tokens wiped, or is all data wiped?

Only tokens, the ciphertext isn't. I don't believe any modern device wipes flash. NVME doesn't either with secure erase

ryrona

secbind I think the simplest process for NIST 800-88 purge compliance would be overwriting data using ADB.

This is not an effective way to wipe data on flash based storage mediums, such as those in phones. This will not accomplish anything, and repeatedly overwriting data at the logical level will not guarantee data has actually been erased at the physical level, due to how wear leveling on flash based storage works. In fact, much of the data will remain, trivially readable by anyone physically connecting directly to the flash chip. Erasing data by overwriting disk storage at the logical level was only a reliable erasure method on magnetic harddrives. Doing it on flash based storage will just cause a lot of wear on the chip without actually deleting the data.

Joe_Koba So the secure element is indeed wiped in the sense of zeroing the bits of data.

That is not what that text says. It doesn't say anything how the Titan chip (Secure Element chip) deleted the Weaver tokens, because we don't know.

NetRunner88

Thought there isn't proper wiping on solid state storage mediums because of how they work

raccoondad

NetRunner88 Thought there isn't proper wiping on solid state storage mediums because of how they work

There is, because usually SSDs will transparently encrypt the data with a key found on the SSD itself.

When its time to erase, it will securely wipe the key from its internal memory, making all data unreadable. Its no different than random bits from that point on.

The reason we don't use disk related methods of secure erase is because it would cause stress on the SSD in a way that would damage the storage medium.

Joe_Koba

raccoondad Yes I thought this is one of the reasons why DoD 5220.22-M ECE (fine for HDD) has mostly been ditched for the NIST 800-88 sanitization method (better for SDD). However since I'm planning to perform the wipe only once and the device will no longer be my problem from there on, I figured the potential stress on the SSD would be a minor issue.

Could you maybe elaborate on what "securely wipe" the key means, precisely? I mean, how reliable is the data destruction method used on the key?

Joe_Koba

de0u As a matter of fact, physical destruction of the device is indeed a viable alternative (and has been applied on other devices device in my context) if I'm not sufficiently reassured on this subject. But I'd rather avoid it. I am aware such a high threat model seems to contradict the very idea of swapping the device with Google for a modest price reduction, regardless of data destruction reassurances, but I can't really be more specific as to why in my case those are not necessarily mutually exclusive.

Joe_Koba

MetropleX I really don't mean to beg the question and you guys are undoubtedly more knowledgeable than me in this regard (I'm not a security nor a software expert, just someone that needs to be very careful about their data) but isn't it even quantum resistant encryption only "enough" if you are absolutely 100% certain that you have never made any human mistake, possibly allowing an adversary to get a hold of your encryption key, which might enable them to decrypt the data if they were be able to get it? Or would a factory reset "reliably wiping" the Weaver token make the data inaccessible even if the adversary would hold the encryption key - that would indeed reassure me (depending on what "reliably wipe" means)

MetropleX

Joe_Koba reliably wipe means:

wipes the secure element which holds tokens needed to derive the encryption keys, making all data/metadata unrecoverable.

Novalissoide

Joe_Koba 100% certain that you have never made any human mistake, possibly allowing an adversary to get a hold of your encryption key, which might enable them to decrypt the data if they were be able to get it?

After you factory reset your phone, that encryption key that an adversary previously gathered gets unusable.

Joe_Koba

Novalissoide So the data becomes irretrievable regardless of any previous encryption breaches, however sophisticated. If that is indeed the case, this adresses 90% of my concerns. Thanks.

As for the remaining 10% :
MetropleX It's probably me, but all I understand from that is that "reliably wiped means wiped". So the secure element is wiped, ok. How is it wiped, then? Is it at all like the DoD method for HDDs: overwriting the data on the secure element with 0s multiple times (3, or 7, depending on the method) - does the secure element even work that way? Or... ?

Novalissoide

Joe_Koba https://en.wikipedia.org/wiki/Forward_secrecy

Our devices, and most actions of their security chips relies on this.

Novalissoide

Joe_Koba further reading recommendation:
https://grapheneos.org/faq#security-and-privacy

MetropleX

Joe_Koba

Project response to similar questions related to our Duress feature:

Until the OS shuts down or reboots after wiping what's needed to derive any of the encryption keys again, it can still access all the data. It still has access to all the data it did before wiping other than the stuff directly related to deriving the encryption keys (which it doesn't need beyond trying to log in, change the password, etc.). Rebooting or shutting down after wiping is a crucial part of it because the reboot makes sure that leftover remnants despite having kernel page/slab zeroing, zero-on-free in userspace, etc. don't stay around. The Duress PIN process boots into recovery because the keys have also been purged and therefore it cannot boot into the OS at all. The recovery/factory reset then regenerates a new install of the operating system with new device encryption keys. Ensuring all device encrypted data is lost.

As for why we implemented auto reboot to help protect against forensic analysis BFU:

Ours (auto reboot) is implemented in a very robust way where crashing system_server, etc. can't stop it from triggering. We have zero-on-free for the kernel page/slab allocators so most memory is cleared on a clean reboot/shutdown and we also zero all of the memory on boot in the kernel too.

Joe_Koba

MetropleX This is exactly the information I was looking for. So the secure element is indeed wiped in the sense of zeroing the bits of data. I should've read that page more closely. Much obliged.

Novalissoide Thanks for those, I'll look into them to hopefully understand a bit more about encryption and security :-)