62

Imagine you are carrying highly sensitive information with you, maybe on a mission in a war zone. You get in an ambush and quickly need to erase all the files before they fall in the wrong hands. This has to happen within seconds.

What devices are used for such operations, are there special hard drives which have a physical switch to erase all memory at once? I'm thinking of active storage devices, which lose all information once the power supply is separated.

Addendum 1: As Artem S. Tashkinov pointed out in his answer, for most use cases encryption is enough. But I think there is information so valuable, that even in 50 years, when quantum code breaking may become a reality, it can be harmful. So I edited my question to ask explicitly for a method, which does not leave any way, as computationally hard it may be, to recover any data. I guess this is only possible by physically destroying the components, which hold the information.

Addendum 2:

  • Issues with thermite: Data drives seem to be quite resilient to thermite and even military grade thermate as shown at a talk at defcon 23. It doesn't seem like using either of these substances is a reliable way of getting rid of the data. The experimental results showed that the drive was mostly intact after the thermite/thermate attack and it seems unlikely that Curie temperature has been reached throughout the plate. (DEF CON 23 - Zoz - And That's How I Lost My Other Eye...Explorations in Data Destruction (Fixed), thanks to Slava Knyazev for providing this ressource).
  • Issues with encryption: While quantum code breaking will not break all existing encryption (as pointed out by Conor Mancone) there is still a risk that flaws in the encryption are known or will be discovered in the future.
  • Comments are not for extended discussion, or to post answers. I have [moved them all to chat](https://chat.stackexchange.com/rooms/111028/discussion-on-question-by-theoreticalminimum-emergency-method-to-erase-all-data). If you want to answer, please post an answer, not a comment. – Rory Alsop Jul 25 '20 at 19:26

15 Answers15

62

Thermite.

Thermite burns at a temperature of thousands of degrees centigrade, which would be more than sufficient to destroy all the data stored in any modern data storage medium. It is also already used by militaries for the targeted destruction of equipment. Additionally, according to Wikipedia:

For example, thermite can be used for the emergency destruction of cryptographic equipment when there is a danger that it might be captured by enemy troops.

nick012000
  • 581
  • 1
  • 3
  • 7
  • 7
    What is your suggestion for being able to trigger thermite from within a physical drive at the push of a button that isn't also going to go off by accident? Also how would you design the drive to guarantee that all of the data is destroyed, and not just a portion of it? – Kevin Jul 22 '20 at 17:00
  • 4
    Use this in addition to encryption in case small portions of data escape destruction. – Cullub Jul 22 '20 at 18:25
  • 9
    @KevinWells there are existing thermite grenades used by the military for this use and destroying artillery. They likely have the requisite safety features without being difficult to use. See the wiki link in the answer. Put the data on the ground, with grenade on it, activate, and run away. – BillThePlatypus Jul 22 '20 at 19:29
  • 2
    @BillThePlatypus You're right, the wikipedia link is much more detailed as to how this would work, but that info should be included here to make this a better answer – Kevin Jul 22 '20 at 19:35
  • 21
    @KevinWells How to stop it going off by accident? The same way as airplanes stop missiles going off by accident. You might need two switches to be turned/pressed, each with a cover, for instance. As for the design, all you need is enough thermite in enough places, surely? – Graham Jul 22 '20 at 20:34
  • 10
    I don't think this is going to work well. See e.g. https://youtu.be/-bpX8YvNg6Y?t=624 –  Jul 22 '20 at 22:22
  • 4
    @KevinWells: I suspect that melting part of a platter with thermite would at least get the rest hot enough to demagnetize (above its Curie temperature, Tc). I found some discussion of HDD platter Tc: https://www.overclockers.com/forums/showthread.php/454159-What-is-the-Curie-point-of-hdd-magnetic-platters?s=80ae5292903f254cd4f573bebdf7f23e&p=4464481&viewfull=1#post4464481 . For an SSD with Flash, the info-storage breakdown with temperature has different physics entirely, but it's smaller so you'd generally need less thermite. – Peter Cordes Jul 23 '20 at 03:18
  • 5
    I will recommend the defcon video. As their experience show, platter are huge heat sink and require a lot of Thermite. while it look fun it's not practical. Nor effective. https://www.youtube.com/watch?v=-bpX8YvNg6Y&t=1150 – Drag and Drop Jul 23 '20 at 12:12
  • Put the thermite above the platters and it will work much better. If I recall correctly the top plate of a hard drive enclosure is fairly thin aluminum or steel. I'm imagining a second box, thin walled, the size of a 5.25 enclosure completely filled with thermite mixture. Place in the bay above the hard drive to be destroyed. The ignited thermite will melt through the two thin walls below it and fall directly onto the platters while still reacting, along with plenty of molten metal and associated slag. Now package the two enclosures together securely and attach your favorite activation device. – wwarriner Jul 23 '20 at 19:32
  • @TheoreticalMinimum - This does look like it could work together with a flash drive instead of a HDD. You could basically wrap the thermite around it and there would be little left afterwards. Also - maybe just don't go to such dangerous places? – Vilx- Jul 24 '20 at 00:58
  • 1
    @TheoreticalMinimum - 1) detonation cord seemed to work good enough in the defcon video. 2) while the thermate failed to melt the platters, they did not attempt to read anything from them with a microscope, so the talk's "failed"conclusion for thermate/thermite is highly discutable. – Edheldil Jul 24 '20 at 09:26
  • 5
    I'm going to have to go watch the videos, but I can't fathom any hard drive being able to resist a thermite burn. I've seen them go through steel plate 1" thick from a flower pot. I'm sure the blackhat guys did a bang up job but I've got to see this to believe it. Besides, if you're carrying material that needs to be destroyed, you've got a gun, it has bullets, and two in a hard drive platter will pretty much wreck any recovery. – J.Hirsch Jul 24 '20 at 11:47
  • @Graham Thermite is surprisingly hard to catch alight. You need over [1500 degrees celsius to start it going](https://www.unitednuclear.com/thermiteinfo.pdf) – marcellothearcane Jul 24 '20 at 13:48
  • @Edheldil I agree, these experiments are not conclusive at all. –  Jul 24 '20 at 19:09
  • 2
    I've been playing around with thermite when I was younger, people generally have way to high expectations of how destructive it is. You have to think it through and apply it properly, you can't just "use some thermite" as seen in the above linked videos. – Alex Aug 04 '20 at 08:46
  • I came here to write Thermite as an answer. During high school we paranoid teens actually discussed this option and had some first plans drawn up... Never actually built the system though (we just did other fun things with the Thermite... ;)) – fgysin Aug 13 '20 at 13:28
52

There are two DEFCON videos from 2012 and 2015 exploring this exact issue:

enter image description here

Summary of Viable Options

  • Plasma Cutter
  • Oxygen Injection (Difficult setup)
  • Nailguns (depending on adversary)
  • Damped High Explosives (Lots of kinetic energy)
  • HV Power Spike (Inconclusive forensics)

In essence, your only viable methods are physical destruction

Esa Jokinen
  • 16,100
  • 5
  • 50
  • 55
Slava Knyazev
  • 716
  • 5
  • 12
  • 6
    These talks are great, especially the second one. –  Jul 22 '20 at 22:23
  • 3
    I have to add, here, that one we use is a good old-fashioned hammer. For mechanical drives, just smash them to pieces with a hammer! Lots of fun. The platters inside are more often than not made of glass, so just remember your safety glasses and slug away, champ! It's too easy for M.2 or SSD drives, but it's fun to watch them dissolve in strong acid, or use a blow torch for that matter! But, for speeds sake, once again, a hammer is your friend with M.2's or SSDs. – Paul Jul 23 '20 at 17:45
44

If you trust encryption then you could encrypt your entire drive using

  • Linux: LUKS (supported by all major distributions)
  • Windows: BitLocker

As soon as you physically switch off the device, all the information turns into random noise which no one will be able to recover unless he/she has the decryption key. However, this method has a major shortcoming: your adversary will know you've got encrypted data and they may force you to spill your secrets.

As for Linux LUKS: if you wipe the first megabyte block of your encrypted partition, the data can no longer be recovered under any circumstances even if you know the key.

If you don't want the adversary to even suspect anything you could use VeraCrypt or DiskCryptor (formerly TrueCrypt) which can create hidden encrypted partitions/containers, but those still can be discovered given enough persistence.

Lastly I'd personally do the following under these circumstances given you have a satellite connection available:

Run the entire system off a live Linux CD and store the data in an encrypted cloud (private or commercial). In this case the adversary will never even be able to deduct anything from your e.g. laptop which may contain a run-of-the-mill Windows OS with pictures of cats.

Also take a look at:

Peter Mortensen
  • 877
  • 5
  • 10
Artem S. Tashkinov
  • 1,389
  • 5
  • 13
  • Maybe having a solution for persistent data in RAM (during some minutes) would be necessary ? – Sibwara Jul 22 '20 at 10:58
  • @Artem S. Tashkinov My question was not precise enough. I edited it a bit. –  Jul 22 '20 at 11:00
  • So, are you asking about an encryption method which cannot be broken even in theory? :-) I'm not aware of them. You can certainly devise a method of storing data which, in case the data header gets destroyed, the rest of the data becomes worthless but I'm not aware of them. Probably they already exist. – Artem S. Tashkinov Jul 22 '20 at 11:02
  • 1
    @ArtemS.Tashkinov No. Of course this can not be done. But one may rather lose all data, than to let it get in the wrong hands. I ask for a storage device which physically destroys it's information ones it is in jeopardy of being compromised. –  Jul 22 '20 at 11:06
  • 24
    Relevant: https://xkcd.com/538/ – Cullub Jul 22 '20 at 18:26
  • Drive over it with a tank. – Hot Licks Jul 23 '20 at 00:28
  • 3
    Not only is using a satellite internet connection like walking around with a lit christmas tree, but it is also bound to use encryption of much lower quality and present a huge attack surface. – Nobody Jul 23 '20 at 09:40
  • 4
    Wiping the first 1MiB of a LUKS partition is *not* sufficient to wipe all the keyslots that symmetrically encrypt the master key. You'd need to wipe *at least* 20MiB, but it's variable and better to parse the header to determine where to end the overwrite. See https://security.stackexchange.com/q/227359/213165 – Michael Altfield Jul 23 '20 at 12:29
  • 2
    This is a good answer, you may want to rephrase slightly this point `As soon as you physically switch off the device, all the information turns into random noise`. In-memory information is in the clear plaintext unless encrypted by the application. Information on the disk is always encrypted (in this case). The driver is responsible to decrypt it on the fly when OS/app needs plaintext. There is nothing "magical" happen that turns information into noise when one switches off the device. It is noise already, being powered on and having a correct key+driver makes the information decrypted. – oleksii Jul 23 '20 at 14:57
  • 1
    Bitlocker has a recovery mechanism for companies - so there are at least two ways of decrypting data. Given what we know about the US, I would also question whether a US closed source solution can be trusted against potential nation state attackers (as per the description in the asking post). Against your everyday theft or loss? More than enough. Against a nation state level attacker? Not so sure. And at that level TPM keys can also be extracted (though it may involve acid and microscopic needles - the research is old by now.) – DetlevCM Jul 24 '20 at 05:02
28

A RAM disk

RAM is cool in that it is volatile memory. This essentially means that once power is cut, all data is lost completely and can never be recovered - essentially, this irreversibly and reliably wipes all the information instantly and does so in a way that cannot be stopped.

Not only is this data irrecoverable, but this method does not include any physical destruction of components and could even be implemented with a dead-man's trigger (i.e. something like a grenade pin that, when removed, cuts the power to the RAM disk to wipe it).

Daniel H.
  • 381
  • 2
  • 3
  • 18
    Unfortunately data loss is not quite that quick, especially if an attacker is prepared: https://en.wikipedia.org/wiki/Cold_boot_attack – Conor Mancone Jul 22 '20 at 19:12
  • 12
    @ConorMancone it can be, depending on how the RAM is set up. The information on RAM is stored in capacitors - if you change the specs on these capacitors, you could easily configure them to leak all their energy after just microseconds. Modern RAM obviously tries to make data last as long as possible (so it doesn't have to refresh as often, which eases up the load on other components), but if you were to custom-make RAM you could easily get this to be near-instant – Daniel H. Jul 22 '20 at 19:16
  • I suspect one flaw with this plan would be that it could be vulnerable to accidentally losing power even for a brief second, in which case its volatility would be a detriment to its function. It also requires a power source that won't drain in the time it takes to transfer the data, and if you have to traverse a war zone that may be a difficult thing to transport – Kevin Jul 22 '20 at 19:37
  • @KevinWells this is true, you would need power to remain constant. Fortunately, RAM does not use a huge amount of power by itself (from three minutes of research it seems you can get RAM with 0.5 W idle power consumption. If you use a laptop battery - say, 90 Wh - the info could last up to 180 hours, or a bit more than a week) – Daniel H. Jul 22 '20 at 19:46
  • 2
    @KevinWells the vulnerability of accidentally losing the data is built into any device that has a self-destruct feature. – Alexandre Aubrey Jul 22 '20 at 19:48
  • 3
    @AlexandreAubrey True, but some systems are more likely to accidentally fail than others. If you had one system where you had to lift up a flap and then push and hold a button for a full second, that would be unlikely to happen accidentally, whereas a system where you had to keep a dead-man switch pressed down at all times would be vulnerable to accidentally tripping, falling asleep, etc., which makes it a worse system. I think the RAM system is somewhere in between those, but is on the less stable side of things overall – Kevin Jul 22 '20 at 19:51
  • 1
    @KevinWells If you can afford the time it takes to make a second delivery in the case of a drive that's DOA or the resources to carry multiple copies so that at least one arrives undamaged it's a good idea. While it's more susceptible to failure it's also a more robust way to protect the information than encryption and it's more flexible than physical destruction in terms of where and how you could engage the self-destruct mode. – Alexandre Aubrey Jul 22 '20 at 20:02
  • 4
    @KevinWells if there is a grenade-pin mechanism and it gets treated like an actual grenade in that you very much do not want to accidentally remove the pin, the odds of the trigger system failing would be very low – Daniel H. Jul 22 '20 at 20:21
  • A potential solution to the "dead man's switch" is to use a proximity sensor. One chip inside the data storage device, the other chip inside the carrier (implanted under the skin, somewhere discreet). If the chips are more than 3 meters apart the switch is triggered. So the user needs only to manage to throw the device a very short distance, and there's an almost zero chance of setting it off accidentally – Darren H Jul 23 '20 at 00:56
  • @DarrenH except for a failing proximity sensor :) – sox with Monica Jul 23 '20 at 09:46
  • 1
    @ConorMancone If you expect such an attack, it's fairly easy to prevent. You need a physical enclosure that is thermally insulated so the RAM runs as hot as its specification allows (that will probably shorten the life time of the RAM a lot and you might want to use ECC memory because it might also induce more errors) and gives you some extra time for the data to dissipate while it's breached. Inside the enclosure, include a circuit that cuts power when needed, i.e. when the enclosure is breached, or when the temperature drops too low, or when requested using a switch, or on reboot. – Nobody Jul 23 '20 at 09:48
  • 1
    @ConorMancone You could probably DIY such a device with a Raspberry Pi, a temperature sensor, a power bank, some styrofoam and sheet metal. Load the data onto the computer, put it into the enclosure, weld it shut. Only connection to the outside is a power switch and maybe power input. Use fancier single board computer and larger power bank for more storage. – Nobody Jul 23 '20 at 09:53
  • 3
    Super Glue the computers components together, in order to delay removal of the RAM. This also helps prevent against evil maid attacks. – john doe Jul 23 '20 at 18:00
  • Is there an option for a combination of techniques? Blowing up or shredding a hdd may not be sufficient, but I imagine that shredded ram would be pretty close. People may be able to restore power in the few seconds of latent memory for a whole disk, but they would not be able to do so to the shredded version. (so long as shredded ram does still leak at least as quickly) – Josiah Jul 25 '20 at 06:31
19

Hard Drive with glass platters

HDD’s with glass platters are common. All you need to do is make sure that your data is stored on one of them, and, in an emergency, chuck it at the ground really hard. This will shatter the platters and make recovery virtually untenable, especially if combined with encryption. If you have a gun, putting a couple of rounds into the drive will reduce them to powder.

If you have specially designed drives, you could likely integrate a small explosive charge that would disintegrate the platters without even breaching the container (much safer than thermite).

A neat concept I’d be curious about I’d if it would be possible to use an acoustic attack. In this paper they demonstrate that you can interfere with the platters of a drive using its resonance frequency. It may be possible to build in an acoustic device that, when powered on, shatters the glass platters.

Edit: an even better answer occurs to me.

MicroSD card: infinite possibilities

The tiny size of a microSD card offers even more possibilities. Crush it to powder between two rocks. Melt it with a cigarette lighter. Shoot it. Hell, if you want a chance at retrieving it, swallow it, or find a patch of dirt and shove it in. The chances of anyone being able to find it are minuscule. Anecdotally, aside from corroded contacts, data on a microSD card that passes through the digestive system is recoverable.

Daniel B
  • 441
  • 1
  • 3
  • 10
  • 1
    Humans are not strong enough to break the glass platters on a modern disk by hitting the ground. You will probably break some other part of the disk, but you need some extra effort to make the data unrecoverable. – fraxinus Jul 23 '20 at 08:55
  • The MicroSD idea would be less feasible IMO, how do you find rocks to "crush to powder" in a few seconds? How do you even pull out a lighter, gun etc. Chances are, if you're being chased, throwing it, swallowing it or burying it is not going to help. – ave Jul 23 '20 at 08:55
  • @Ave A couple of rocks, the butt of a gun... 'a couple of seconds' was the specified metric, and there's no end of options in that time frame. And I find it difficult to image as situation in which I don't have time to yeet a microSD card down my gullet, but have time to activate a thermite charge on a hard drive without burning myself in the process, and thats the top answer ¯\_(ツ)_/¯ – Daniel B Jul 23 '20 at 10:28
  • @fraxinus I've literally shattered the platters in a laptop HDD by accidentally dropping it off my kitchen counter onto a tile floor, so I know it's possible. This was some years ago, though. Presumably, if this was an important usecase, one could track down the manufacturer of that particular disk. :P – Daniel B Jul 23 '20 at 10:37
  • the platters are covered in silicon, you can have a small container of a gas the reacts well with silicon inside the drive and connect it to some sort of trigger mechanism. the is just a thought experiment, but to me it sounds like it would work. – Nullman Jul 23 '20 at 11:01
  • @DanielB well, they used to be stronger. Good to know. – fraxinus Jul 23 '20 at 12:41
  • The SDCard can be killed the same way an USB-Killer kills USBs. Just zap it with 120/220 volts in an unintended way and fry the chip. Smack it with an hammer afterwards, for good measure. – Ismael Miguel Jul 23 '20 at 15:15
  • I accidentally broke a 64 GB MicroSD card once by simply trying to scratch off the serial numbers. – john doe Jul 23 '20 at 17:58
  • I wonder about creating a glass-platter hard drive with a special internal shattering hammer. – Phoenix Jul 23 '20 at 18:08
  • Glass, have the platters specially hardened so they shatter into sand-like particles instead of large shards. – Jasen Jul 26 '20 at 10:24
13

The framing of this question is just completely wrong, and I'd go so far as to suggest the question doesn't belong on Security SE but Worldbuilding SE if you're trying to make up a world where it does make sense. You don't carry sensitive information in cleartext, and you don't destroy media to make information inaccessible. You make proper use of encryption, and you either don't carry the key at all, or destroy the key in emergency rather than destroying the media the (potentially large) data is stored on.

The updates to the question about encryption are just wrong as well. "Torture to get the key" is not an issue because the key is not something small enough to be something you know. Either you don't possess it at all, or you possess it in a form that's easily destroyed (e.g. soluble or ingestable paper). There are plenty of forms of encryption which are not even theoretically susceptible to QC, and even for ones that are, most of the susceptibility is "theoretical" in that it relies on abstract mathematical objects that almost surely can never exist in reality. (But if you don't believe me on this last point, just choose something post-quantum.)

R.. GitHub STOP HELPING ICE
  • 7,813
  • 1
  • 23
  • 34
  • 1
    The second paragraph of your answer makes sense to me. I think I got a wrong impression from xkcd.com/538. I removed the small comment about torture being a security risk. –  Jul 23 '20 at 18:15
  • But don't you agree that even the encrypted data could become a threat? Seems much safer to me to physically destroy even the encoded information, then the information is gone for good, not matter what decryption methods there are or will be. –  Jul 23 '20 at 18:18
  • No, I don't, and considering it as such is generally not standard practice. – R.. GitHub STOP HELPING ICE Jul 23 '20 at 18:40
  • I'm not a cryptographer so I have no clue what is standard practice in your field. But I find it a bit odd, that you rule out the failure of the encryption completely and say doing so is fiction (or stupid). As long as the encrypted data is physically there, it's only one (very hard) math problem or unknown loophole away from being decoded. If the information is physically destroyed it is arguably safer. And the question is only asking about an efficient and quick way to do just that, nothing else. –  Jul 23 '20 at 21:24
  • 2
    We live in a world where things much more dangerous than whatever secret you're protecting are guarded by much weaker measures than fully proper use of cryptography. The weakest link in "something utterly horrible happens" is not this. – R.. GitHub STOP HELPING ICE Jul 23 '20 at 23:06
  • 3
    It's also worth noting that here *symmetric encryption* is sufficient. Most modern crypto requires *asymmetric encryption*, which tends to involve hard math problems beyond our (computational) reach - although a better approach (or in some cases, quantum computers) remain a possibliity. Yes, there might also be some unknown way to break some *symmetric* encryption schemes - but they have so little mathematically nice structure to attack that people don't even know of good starting points to do so. – ManfP Jul 23 '20 at 23:37
  • 2
    Perhaps you should add that's it's theoretically possible to recover even physically destroyed media with enough computation power and precise enough measurements. The only bariers are the enormous cost of tools and computational energy and time requirements. And that these are the exact same barriers to breaking modern cryptography. – Vaelus Jul 25 '20 at 13:07
  • 2
    @R..GitHubSTOPHELPINGICE That isn't a good enough reason to build _new_ weak links, or how will the old weak links ever be phased out? – wizzwizz4 Jul 25 '20 at 13:36
  • 1
    @TheoreticalMinimum: I think you really are underestimating modern cryptography. Sure, breaking encryption is just “one (very hard) math problem” — but in the same sense, reassembling the pieces of a hard drive that’s been ground to dust is just one very hard jigsaw puzzle. We can be at least as confident that the math problem is hard as we are that the jigsaw puzzle is — partly for theoretical reasons, and partly for the pragmatic reason that no criminals have yet managed to break industry-standard encryption, even though they could make insane amounts of money if they did. – PLL Jul 25 '20 at 17:12
  • investment in cryptocurrency is a bet against quantum computing, and vice versa. – Jasen Jul 26 '20 at 10:28
12

Some of HPE's SmartArray RAID controllers (for instance, the P408i) support transparent disk encryption. One of the supported configuration modes involves keys that are only ever stored in a protected, volatile, on-chip data buffer. If you pull power to the system, the keys are gone for good and the data they protected is inaccessible. One of their sales engineers told us this mode was specifically made for your exact scenario, and he called it "embassy mode" (meaning if your embassy was under attack, you could pull one plug and destroy all your classified data before the enemy could get to it).

You could also go old-school. Encrypt your data using a one-time pad (uncrackable, even with infinite computational resources) and store the pad on nitrocellulose paper. Get in trouble and the nitrocellulose will burn in a matter of seconds. If you're merely transporting the data and don't need to access it yourself, then send the data and pad separately. The enemy would have to intercept both in order to steal your data. Don't send the pad until after you have confirmation that the data arrived safely. If the encrypted data gets intercepted, re-encrypt it using a new pad and try again. Alternatively, using a pre-shared pad means the pad is never in transit at all and thus there's no opportunity to intercept it.

bta
  • 1,111
  • 5
  • 10
  • +1 for the old-school reframing. "How can we store data on something that can be easily destroyed?" may be a better question here than "How can we destroy data-storage?" – Josiah Jul 24 '20 at 11:23
  • @Josiah, how do you read the OTP into the drive/drive array on boot? Have a special storage location in the server that can both OCR it and ignite it? I can see how one could use a LOM device and LOM commands to fire the igniter and burn the paper, but how do you start the decryption process? How (physically) big does your drive have to be to store and safely recover the OTP? – Bill Barth Jul 24 '20 at 14:44
  • OCR is probably something of overkill. Of course paper-based computer storage typically belongs in a museum. (Specifically the Bletchley Park Computing Museum where the first programmable electronic computer, Colossus, used perforated tape for data IO) but if your primary constraint is something that can be destroyed effectively it does meet the criterion. Remember, I upvoted this not so much for the specific OTP suggestion as for the nitrocellulose. – Josiah Jul 24 '20 at 23:46
8

It used to be possible to buy CPU chips with a built-in PROM that would be destroyed on contact with the atmosphere, the idea being to prevent someone from reverse engineering the code that had been burned into the PROM by opening the package and examining the state of fusible links with a microscope. (I once had the pleasure of working with an engineer who reverse-engineered satellite dish video cipher decoders using just that method.)

Robb Smith
  • 101
  • 5
7

1 TB MicroSD card and a blender

The best way is to physically destroy the data. A 1TB MicroSD card probably has enough storage for what you need, if not get multiple.

If you have it stored in a small self-powered blender (battery operated, or perhaps something more redundant than just batteries) you can immediately blend the MicroSD cards and turn them to basically dust. At this point it should not be feasible to recover any data.

Some methods such as magnetic erasing hard drives, shooting them etc may have some amount of recoverable media left. I would think it is less likely to recover the leftover MicroSD card dust.

H. Daun
  • 171
  • 1
  • I'd like to point out, because I was curious, that there exists a 1 TB MicroSD card from a reputable vendor available from several reputable vendors. – Nathan Goings Jul 23 '20 at 05:25
  • 1
    It's a good point just how detailed and delicate modern storage can be, but I'm not actually convinced this meets the criteria. Even if the blender successfully shreds the card, the sort of adversary who can feasibly break modern crypto may actually be able to solve an SD card dust jigsaw! – Josiah Jul 23 '20 at 05:32
  • 4
    @Josiah You are joking, right? I don't know if a blender is actually capable of shredding a microSD to dust, but if the actual chip inside the card is shredded to dust (of a particle size like you would expect from a good blender), there is no way in hell that is going to be reassembled. – Nobody Jul 23 '20 at 09:58
  • 1
    But I think burning is more realistic. Put it into a box with a couple of firecrackers, something like that (be aware that putting explosives into a somewhat strong shell is basically like making a grenade, i.e. it will kill you if you do it wrongly). – Nobody Jul 23 '20 at 10:00
  • 3
    @Nobody, it does depend on what scale you count as "dust". The WHO says that "dust" can be up to 100 micrometers wide, but let's be generous and call it about 10. An sd card is about 10mm wide, so there's about 1000 "dust" particles along and about 1000 up. If the card is 1TB, each of these dust particles has space for about a megabyte of data. Obviously you wouldn't get a tiny pair of tweezers and put it together, but if you've got proper forensic kit to read those fragments, you may well be able to redo some of the data "jigsaw" computationally. – Josiah Jul 23 '20 at 10:16
  • 4
    Hydrofluoric acid (or maybe Aqua Regia) would probably work for dissolving the card – Nullman Jul 23 '20 at 11:05
  • 3
    The plates are extremely non-reactive. This has been shown in the defcon 19 talk. –  Jul 23 '20 at 14:27
  • Chew it up and swallow it. – john doe Jul 23 '20 at 18:03
  • 5
    Realistically, won't the card will just bounce around inside the blender and make break into 2-3 pieces, since it's too small to actually blend? – user253751 Jul 24 '20 at 16:01
  • @Nullman If those aren't quick enough, ClF₃'s _got_ to be enough to do the job. “Chlorine trifluoride and gases like it have been reported to ignite sand,” – wizzwizz4 Jul 25 '20 at 13:40
3

Use one of those small form factor M.2 SSDs and find a way to mount it so it can be removed easily. Note that this may need custom development, because I don't know of any modern tools that allow this. However, if you're on a mission in an active war zone carrying highly dangerous information, you probably got a team that can figure something out. Militaries around the world have been working on emergency data disposal for ages. When you're in trouble, pull it out of the drive bay and destroy it with whatever tools you got handy (gun, steel tipped boots, maybe even your bare hands,...). AFAIK it's not possible to recover any data from an SSD that has had the memory modules physically broken.

Nzall
  • 7,313
  • 6
  • 29
  • 45
1

I love the straightforward logic in some of the other answers. Want data to definitely not fall into the wrong hands? Blow it up. I recognise that your question is looking for answers stronger than "encrypt it" but I do think there are some software based encoding ideas that can complement "blow it up" to make even surer that the secret is kept secret.

The fundamental idea is to ensure as much as possible that even if only a fraction of the data gets destroyed, such leftover signal as could still be recovered cannot be interpreted.

So, here's a few additional thoughts:

  • Reduce redundancy In normal computing, we use duplicate data, error correcting codes and other similar techniques to ensure that even if some data gets mangled the original can be recovered. Here, that's just giving your adversary a free extra life, so we'll want to turn that off.
  • Shuffle. In normal computing, we might localise data on a disk, so that data about the same topic gets grouped together. There are many reasons for this including efficiently accessing it, and giving your programmers a logical framework to reason about. But in this case, because the secret absoltely must not fall into enemy hands, do the opposite. When you write the data to the device, shuffle the bits around: first bit might be near the start, second near the middle, etc. The purpose of this is to ensure that even if your bomb only destroys half the data, the chunk that is left cannot be reasonably interpreted.
  • Add interdependence. In normal computing, to interpret one bit, we read one bit. That is useful for your recovery adversary. Modern encryption standards, however, use a technique called block chaining to ensure that previous bits change the encryption of future bits. Perhaps run your basic encryption forward and backwards, so that all data is tangled into interpreting all data. Again, the purpose here is to squib-proof your encoding. Even if the bomb destroys a tiny fraction of the data, the attacker is left having to guess not just that data but how that data affects the encryption. (There are other more complete ways to add interdependence, but they'd require world-class understanding of coding theory)
  • Use a lot of key. We want to make sure that they have to read several bits to correctly interpret one bit. There is a cipher called the "One time pad" which is mathematically unbreakable. That is, even an attacker with unlimited computational power can do no more than guess what the data said. It's also usually useless because you need at least as much key as you have data to encrypt, and if you had a technique to transmit that securely then you could just transmit the secret securely. Here, though, you can just put the key on the disk. The implication is that to understand one bit the attacker must correctly read 2, so if you manage to destroy either of the 2 you're safe. You can and should still use a more conventional encryption thing: the above forward and backwards chaining is strictly better. But the OTP approach inspires...
  • Shard the data. This is where the "lots of key" option really comes into its own. Instead of putting the data and key all on one device, you have two physical devices, one has the key and the other has the OTP encrypted data. Mathematically, those are equivalent because it is strictly impossible to interpret either without the other. This gives you the good kind of redundancy: you can have two completely separate self-destruct mechanisms just in case the battery in one of your detonators happened to run down.
  • All of the above. In particular: Remove redundancy, then generate a OTP and encrypt the real data with it, then encrypt both the OTP key and the data forwards and backwards with a block-chaining cipher, and then (separately) shuffle the bits of them both, and finally write them to the bomb-laden disks.

These all work together to reassure even the most paranoid intelligence operative that they will be able to destroy their data when it counts. Do be advised, however, when the data gets to the technician at the other end for the wonderful chore of decoding it... you'd better hope they're not licensed to kill!

Josiah
  • 1,818
  • 9
  • 14
  • Why would you intrinsically want to "use a lot of key"? It seems much simpler to destroy 256 bits on a small chip than something the size of your data. – ManfP Jul 22 '20 at 22:47
  • In theory any key smaller than the data can be cracked by an adversary with unlimited compute capacity. Only OTP scale keys can guarantee that destruction of the key is as effective as destruction of the ciphertext at making the ciphertext unreadable. As I said, it only really comes into its own in combination with the "Shard the data" back-up bomb option. – Josiah Jul 22 '20 at 22:54
  • @Josiah, in practice, any key larger than about 80 bits can't be cracked by current technology, and 128 bits is sufficient for the foreseeable future (barring quantum computing). Also in practice, avoiding key-management mistakes is generally easier the smaller the key is. – Mark Jul 24 '20 at 02:08
  • This is true. I also favour normal encryption, and mention in this context that it also contributes valuable interdependence. Even so the context given in this particular question is explicitly against a computationally unbounded adversary, and so although "Just use AES and forget about it" is probably the right answer in the real world (and much more so than a OTP) it's explicitly not a valid answer to the question. – Josiah Jul 24 '20 at 09:33
  • @ManfP “A lot of key”, plus those 256 bits, seems a better strategy than those 256 bits alone. You wipe the 256 (or 4096) bits, and it's _almost certainly_ impossible to recover the data… and then you manage to destroy ⅛ of the one-time pad, making it even harder. – wizzwizz4 Jul 25 '20 at 13:44
  • I don't understand why this answer has been downvoted so much... to me it seems like the answerer proposed some really good non-hardware solutions. – vikarjramun Jul 25 '20 at 18:13
1

Nitric acid injection

Nitric acid dissolves the platters which destroys any information contained within. A device to inject nitric acid directly between the platters could work by pushing it through the platter bearing.

Gensys LTD
  • 111
  • 2
0

12 gauge slug round. Mill a slot in the leading face of the slug, just large enough to hold a microSD card. If you need to destroy the data, fire the slug against a hard surface. The SD card will impact the surface edgewise and in turn be impacted by the slug. If you keep this round chambered the data can be destroyed in a fraction of a second.

For extra certainty, use a custom slug which incorporates a disc of hardened material as its base.

Peter Mortensen
  • 877
  • 5
  • 10
Crash Gordon
  • 109
  • Have a mini 12 gauge with a 6 inch barrel, and have it hooked up to the disk. You could have everything set up and running, but you could destroy the drive at any point – john doe Jul 23 '20 at 18:06
  • meh, print the data on cellulose nitrate microfiche and put it inside the cartridge. – Jasen Jul 26 '20 at 10:41
0

I watched the linked Defcon talks (2012 and 2015) and just wanted to summarize my key takeaways, which surprisingly no other answer has done before:

  • The talks focused on data centers, which means spinning platters (because those are still cheaper as of 2021 when you need hundreds of TB), even though solid state disks might be easier to destroy.
  • The talks focused on spectacular methods, rather than practical ones, because they were meant mainly to entertain not educate.

If on the other hand you choose your storage medium explicitly for fast destruction, it's pretty easy:

  • You can use a micro SD card. Thermite, even large amounts (250g if I remember correctly), were not effective in destroying spinning platters. That's largely because spinning disks are heavy, and to melt them (as a rule of thumb) you are going to need as much thermite as the drive weighs, or even more by some single digit factor. That's dangerous because you end up with a thermite amount in the low kilogram range. On the other hand, a micro SD card weighs much less than 1g. So you can take 15g of Thermite (so like 15 to 100 times the weight of the data storage medium), stuff the card right into the middle of it, ignite it, be really sure the card is melted completely (because you can calculate the heat capacity of the whole thing and the energy released and calculate the minimum temperature the SD card is heated to), and still contain the whole reaction in an easy to carry container (with some noxious gases escaping).
  • For a micro SD, a blow torch should also work fine if you have a minute.
  • The same works for an SSD, everything is just larger (thermite amount) or takes more time (propane torch).
  • Or you can just use volatile storage like RAM. You need a container that's just strong enough to resist your enemies for a few seconds while the data dissipates, if you include a temperature sensor which cuts power as soon as the inside temperature drops below 15 degree Celsius or so and cuts power when it detects the container is being opened.
Nobody
  • 686
  • 4
  • 10
-1

Encryption is the way to go. But you want to destroy the data spectacularily.

Break the HDD platters manually.

A lot of disks can be run with the cover removed (or better yet, replaced with something easier to penetrate and still dust-proof). You may just use something hard (even a finger if you are brave) and break the platters.

fraxinus
  • 3,425
  • 5
  • 20
  • If your adversary is a three-letter agency or a sufficiently-motivated DEF CON attendee, breaking the platters isn't good enough. A magnetic-force microscope can recover everything except the data on the actual fracture lines. – Mark Jul 24 '20 at 02:11
  • 1
    OK, make more fractural lines, then. – fraxinus Jul 24 '20 at 07:13