Data Recovery from “Scrubbed” NAND Flash Storage: Need for Analog Sanitization

Authors: 

Md Mehedi Hasan and Biswajit Ray, The University of Alabama in Huntsville

Abstract: 

Digital sanitization of flash based non-volatile memory system is a well-researched topic. Since flash memory cell holds information in the analog threshold voltage, flash cell may hold the imprints of previously written data even after digital sanitization. In this paper, we show that data is partially or completely recoverable from the flash media sanitized with “scrubbing” based technique, which is a popular technique for page deletion in NAND flash. We find that adversary may utilize the data retention property of the memory cells for recovering the deleted data using standard digital interfaces with the memory. We demonstrate data recovery from commercial flash memory chip, sanitized with scrubbing, by using partial erase operation on the chip. Our results show that analog scrubbing is needed to securely delete information in flash system. We propose and implement analog scrubbing using partial program operation based on the file creation time information.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {247660,
author = {Md Mehedi Hasan and Biswajit Ray},
title = {Data Recovery from {\textquotedblleft}Scrubbed{\textquotedblright} {NAND} Flash Storage: Need for Analog Sanitization},
booktitle = {29th {USENIX} Security Symposium ({USENIX} Security 20)},
year = {2020},
isbn = {978-1-939133-17-5},
pages = {1399--1408},
url = {https://www.usenix.org/conference/usenixsecurity20/presentation/hasan},
publisher = {{USENIX} Association},
month = aug,
}

Presentation Video