Significant updates to storage security and media sanitization standards are underway in response to increasingly sophisticated cybersecurity threats that target storage systems. In a recent SNIA Data, Storage & Networking webinar, “The Storage Security Shake-Up: Adapt Now or Get Left Behind,” experts and standards editors Eric Hibbard, Paul Suhler, and Ramaswamy Chandramouli shared critical insights into why these changes are urgent. If you missed the session, you can watch it on demand and access the slides in the SNIA Educational Library. Much of the webinar featured a panel discussion with a highly engaged audience, and we didn’t have time to address every question. As promised, the answers are in this Q&A blog.

Q: How do you ensure the key isn't recoverable?

A: From the perspective of cryptographic erase (CE), this is one of the core problems a CE implementation must address. The basic requirement is that CE sanitizes the target cryptographic keys using a key sanitization technique known as zeroization, as described in ISO/IEC 19790 (e.g., overwriting with all zeros, all ones, or random data). ISO/IEC 27040 further specifies that all copies of the target cryptographic keys are sanitized. If an implementation does not meet these requirements (as well as some other requirements), it is not considered CE. Since CE can be applied outside of a drive (e.g., cloud storage) and the system implementing CE might use keys that are stored externally (e.g., a key management server), the problem can become complex when considering the possible use of clusters, backups, etc. This is an active area of development that includes fuse-based sanitization and the use of key derivation keys, which expand the options and effectiveness of CE.
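The "all copies" requirement above, as an added example (not from the webinar or from any of the standards): a toy model in which one key derivation key (KDK) is held on a drive, in a key management server, and in a backup, and CE that misses the backup leaves the data recoverable. The HMAC-based stand-in cipher, the volume label `vol-1`, and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def hkdf_sha256(key: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869), all-zero salt: derive a per-volume media key from the KDK."""
    prk = hmac.new(b"\x00" * 32, key, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def toy_cipher(media_key: bytes, data: bytes) -> bytes:
    """Stand-in for the device cipher (e.g. XTS-AES): XOR with an HMAC-SHA256
    counter keystream. The same call encrypts and decrypts."""
    blocks = range((len(data) + 31) // 32)
    stream = b"".join(
        hmac.new(media_key, i.to_bytes(8, "big"), hashlib.sha256).digest() for i in blocks
    )
    return bytes(a ^ b for a, b in zip(data, stream))

def cryptographic_erase(key_copies: list) -> None:
    """Zeroize every listed copy of the target key in place (all zeros)."""
    for copy in key_copies:
        copy[:] = bytes(len(copy))

def recoverable(key_copies: list, volume: bytes, ciphertext: bytes, plaintext: bytes) -> bool:
    """True if any remaining key copy still decrypts the volume."""
    return any(
        toy_cipher(hkdf_sha256(bytes(k), volume), ciphertext) == plaintext
        for k in key_copies
    )

def demo() -> tuple:
    """Constructed scenario: one KDK held on the drive, in a KMS and in a backup."""
    drive = bytearray(os.urandom(32))
    kms, backup = bytearray(drive), bytearray(drive)
    plaintext = b"constructed sample record"
    ciphertext = toy_cipher(hkdf_sha256(bytes(drive), b"vol-1"), plaintext)
    cryptographic_erase([drive, kms])            # backup copy missed
    partial = recoverable([drive, kms, backup], b"vol-1", ciphertext, plaintext)
    cryptographic_erase([drive, kms, backup])    # all copies sanitized
    complete = recoverable([drive, kms, backup], b"vol-1", ciphertext, plaintext)
    return partial, complete

if __name__ == "__main__":
    print(demo())
```

In a real product the zeroization happens inside the cryptographic module; a Python process can leave transient key copies in memory, so this models the key inventory problem, not the memory handling.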

Q: Specifically, how can people participate?  

A: The following are a few options for organizations to become involved in storage security:

Q: What kinds of devices are covered by IEEE Std 2883? Any plans for newer technologies? What about HAMR media?

A: IEEE Std 2883-2022 covers both legacy and contemporary forms of storage devices and media. It also identified some categories of storage for future consideration. The IEEE P2883 revision project is under active development, and the IEEE Security in Storage WG is definitely considering new technologies like HAMR, DNA storage, and others. Currently available degaussers are unlikely to work on HAMR media due to the magnetic properties of HAMR media.

Q: Do the standards still call for multipass overwrites on flash media like on spinning disk? Or is the current directive to use technologies like instant scramble erase to also cover the retired/unaddressable space?

A: Due to the use of overprovisioning in most flash media (SSDs), overwriting has never been considered an effective purge sanitization technique. This overprovisioning issue is one of the major reasons that cryptographic erase (CE) was introduced for sanitization purposes. CE is also immune to defects in the storage that prevent changing the contents of the storage.

SSDs can also use the block erase technique, which is also susceptible to defects that can prevent erasing the contents of the storage. CE is also immune to these defects.

Q: If the life span of the crypto algorithms is finite and not trusted for highly sensitive data, why would there be such a push to move towards sanitize crypto erase as the only purge method?

A: Keep in mind that data with national security implications, as compared to general sensitive data, represents an extremely small amount of data; for that data, destruction has always been the only acceptable method of sanitization, and that is unlikely to change. Organizations that understand the sensitivity of their data and have made a risk-based decision that reuse is permitted after a purge sanitization method (e.g., cryptographic erase) can avail themselves of a purge sanitization option. Multiple storage interfaces (e.g., NVMe) include commands that appear to be purge techniques; however, on close inspection of the specifications, the storage could attempt the sanitization operation as a best effort (i.e., no guarantees). For example, a hard disk drive may have written data to sectors that are later flagged as defective (mapped out) and cannot be sanitized; such a drive may report a completed sanitization but not remove the data in these bad sectors. Cryptographic erase (CE) would not have such a problem, but CE is not infallible; implementing CE correctly and ensuring all the relevant keys are sanitized is something that has to be handled carefully. In general, consumers of CE should seek specific information from their supply chain on how CE has been implemented, along with assurances (e.g., certifications) for these implementations.

Q: What plans are there to protect against quantum computing?

A: The storage industry has been actively tracking developments in the quantum computing space, more specifically, post-quantum cryptography (aka quantum resilient cryptography). The U.S. National Security Agency (NSA) has issued a revised advisory for its Commercial National Security Algorithm Suite (CNSA 2.0) that identifies specific algorithms and migration timelines. As part of this, symmetric key encryption has seen a doubling of key sizes, so most storage vendors employing encryption have moved to 256-bit AES. The U.S. National Institute of Standards and Technology (NIST) has standardized three quantum resilient asymmetric algorithms (FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), FIPS 205 (SLH-DSA)) to date and plans to standardize additional algorithms over the next few years. International standards for quantum resilient asymmetric algorithms are still under development. Integration of quantum resilient algorithms into storage-oriented protocols is very active at this time.

Q: How can you participate in the development of these standards?

A: There are a significant number of formal standards development organizations (SDOs) as well as industry associations that are developing relevant specifications. International SDOs typically operate at the national body (NB) level, which means one joins the appropriate NB. Using ISO/IEC 27040:2024 as an example, INCITS/Cybersecurity & Privacy is the U.S. activity that interfaces with ISO/IEC JTC 1/SC 27, which developed that standard. Industry associations like SNIA, Trusted Computing Group, Open Compute Project, etc. typically have membership fees to join and participate. The IEEE Security in Storage WG is an individual-based membership working group with an international focus that does not require membership or fees to join, so it is probably a good starting point for getting involved with storage security standards.

References

  • ISO/IEC 19790:2025
  • ISO/IEC 27001:2022 Information security, cybersecurity and privacy protection — Information security management systems — Requirements
  • ISO/IEC 27002:2022 Information security, cybersecurity and privacy protection — Information security controls
  • ISO/IEC 27040:2024 Information technology — Security techniques — Storage security
  • IEEE Std 2883™-2022 IEEE Standard for Sanitizing Storage
  • IEEE Std 2883.1™-2025 IEEE Recommended Practice for Use of Storage Sanitization Methods
  • IEEE Draft Std P2883.2™ IEEE Recommended Practice for Virtualized and Cloud Storage Sanitization
  • IEEE Draft Std P3406™ IEEE Standard for a Purge and Destruct Sanitization Framework
  • NIST FIPS 203 – Module-Lattice-Based Key-Encapsulation Mechanism Standard (ML-KEM)
  • NIST FIPS 204 – Module-Lattice-Based Digital Signature Standard (ML-DSA)
  • NIST FIPS 205 – Stateless Hash-Based Digital Signature Standard (SLH-DSA)
  • NIST SP 800-88r2 Guidelines for Media Sanitization
  • NIST SP 800-209 Security Guidelines for Storage Infrastructure
  • NIST SP 800-38E Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices