1

So I previously had an encrypted install of Debian, and wanted to install a new distro with full system encryption again. Now I understand that you don't need to fill the disk with random data if you already had encrypted partitions, and that wiping the LUKS header(s) will suffice. But now I deleted those previous partitions and I'm kinda stuck on what I have to do now. Do I have to fill the whole drive with random data again (at the possible expense of SSD lifetime, with questionable effectiveness in regards to cache in SSDs) or just let it how it is now, and create new encrypted partitions? From what I've read, when choosing this last option, some background 'noise' will remain, making it easier for an attacker to retrieve data (from the new partitions).

What do you think?

Arch
  • 11
  • 2
  • For SSDs there's "Secure Erase" feature. For USB sticks, you can fill it with zeros. It will make it also work a bit faster - both when it's new and when it was used a bit - tested on new Samsung USB sticks. – Aria Aug 03 '16 at 15:01
  • See this: http://superuser.com/questions/533474/can-zero-filling-reset-wear-leveling-of-usb-sticks-flash-drives – Aria Aug 03 '16 at 15:03

2 Answers2

2

The only way to make "sure" data cannot be regenerated is to use the writing "random data to entire disk" method. The LUKS header is just a "road map" to the data's encryption, loss of it makes it harder but not impossible to reconstitute. All encryption should be equal to the threat level one experiences on a certain machine.

Frank Jenkins
  • 21
  • 1
  • I don't necessarily care about the previous data, as there wasn't any real private information in it (only the OS). I just want to make sure the next encrypted partitions are optimal. Will erasing the disk with random data decrease the lifetime of it significantly? – Arch Aug 03 '16 at 10:45
1

If the attacker has an image of your disk as it previously was, they'll be able to detect which parts were rewritten after that, which would leak metadata, mostly about the size your new data. If you care about that, it's your call. Overwriting the SSD every once in a reinstall probably isn't much of a problem with durability: there are articles about tests where SSD:s lasted for years of constant writes. Overwriting the LUKS header would of course be nice, since it would prevent attacking your previous password. That is, if you can overwrite it certainly, considering wear-leveling and other logic within the drive itself.

As always, depends on your threat model, and the value of your data vs. your time etc.

ilkkachu
  • 2,086
  • 1
  • 11
  • 15
  • But as the partitions were deleted, the LUKS header can't easily be found anymore. So the easiest option would be to overwrite the whole disk with random data right? That way the LUKS header would be overwritten too. But you will still have the issue that some data still might be somewhere (such as the LUKS header), given how SSD's work. – Arch Aug 03 '16 at 10:02
  • If you have an SSD, overwriting anything won't do what you want it to do. The SSD could write the new data to a complete different part of the disk and mark the old data as unused. SSDs have a secure erase function that wipes the entire disk. SSDs encrypt all data by default. Secure erase just tosses the key. If you no longer know the key, the data is meaningless. – Jordan Melo Aug 03 '16 at 17:57