Your away-game advantage: Get up to off before July 19.

Every match. Every moment.
Get off by July 19.

Claim now!
Get Plan

45-day money-back guarantee

Crypto Shredding

Crypto Shredding Definition

Crypto shredding, also called cryptographic erasure, is a way to make encrypted data unreadable by removing the key that unlocks it. The data itself may still sit on a drive, server, backup, or cloud system, but it can’t be opened in a readable form without that key. This makes crypto shredding useful when the same data exists in several places and deleting every copy would be difficult. Regular file deletion removes the file reference, and drive wiping overwrites stored data. Crypto shredding works at the key level instead.

How Crypto Shredding Works

Crypto shredding only works if the information is encrypted before it needs to be destroyed. A system stores the encrypted data as ciphertext and keeps the matching decryption key in a separate key management system.

When the information is needed, the system uses that key to read it. When it needs to be destroyed, the decryption key is rendered unusable, typically by securely deleting, overwriting, or otherwise altering it. After that, the stored ciphertext has no practical path back to its original form. The process depends on strong encryption, separate key storage, and making sure no usable copies of the key remain.

Examples of Crypto Shredding

Limitations of Crypto Shredding

Read More

FAQ

Degaussing uses a strong magnetic field to erase data from hard drives and tapes. Crypto shredding works differently. It removes the encryption key, so it can also apply to encrypted SSDs, cloud storage, databases, and backups. Degaussing doesn’t work on SSDs because they don’t store data magnetically.

In most cases, no. Once the encryption key is gone, the encrypted data can’t be restored to a readable form. Recovery is only likely if another copy of the key still exists or the encryption was weak.

Removing a shared key affects every file linked to it. This works when the whole file group needs to be retired at once, but it can cause problems if only one file should become inaccessible. That’s why shared keys need to be planned carefully.

Crypto shredding can support data erasure rules, but it doesn’t make compliance automatic. An organization may still need proof that the right key was removed, when it happened, and which records it affected. The exact requirements depend on the law, the type of data, and the system involved. 

×

Time to Step up Your Digital Protection

The 2-Year Plan Is Now
Available for only /mo

undefined 45-Day Money-Back Guarantee