Editing Zeroisation

[[File:RVSN IMG 1671.JPG|thumb|"Emergency Erase" (АВАРИЙНОЕ СТИРАНИЕ) switch, zeroize in [[NSA]] parlance, on a cryptographic device of the Soviet [[Strategic Rocket Forces]]]]
In [[cryptography]], '''zeroisation''' (also spelled '''zeroization''') is the practice of erasing sensitive parameters (electronically stored data, [[cryptographic key]]s, and [[critical security parameters]]) from a cryptographic module to prevent their disclosure if the equipment is captured. This is generally accomplished by altering or deleting the contents to prevent recovery of the data.<ref>{{cite web|url=http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf |title=FIPS PUB 140-2 - SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES|access-date=2023-08-25}}</ref>

==Mechanical==
When [[encryption]] was performed by [[rotor machine|mechanical devices]], this would often mean changing all the machine's settings to some fixed, meaningless value, such as [[0 (number)|zero]]. On machines with letter settings rather than [[Numerical digit|numerals]], the letter 'O' was often used instead. Some machines had a button or lever for performing this process in a single step. Zeroisation would typically be performed at the end of an encryption session to prevent accidental disclosure of the keys, or immediately when there was a risk of capture by an adversary.<ref>[https://web.archive.org/web/20120926071443/http://www.dtic.mil/cjcs_directives/cdata/unlimit/m652001.pdf Link 16 Joint Key Management Plan, CJCSM 6520.01A, 2011, Section 6b(4)(b)]</ref>

==Software==
In modern [[software]] based cryptographic modules, zeroisation is made considerably more complex by issues such as [[virtual memory]], [[compiler]] [[optimization (computer science)|optimisation]]s<ref>{{cite web|url=https://buildsecurityin.us-cert.gov/bsi/articles/knowledge/coding/771-BSI.html |title=MEMSET |access-date=March 21, 2013 |url-status=dead |archive-url=https://web.archive.org/web/20130221133145/https://buildsecurityin.us-cert.gov/bsi/articles/knowledge/coding/771-BSI.html |archive-date=February 21, 2013 }}</ref> and use of [[flash memory]].<ref>{{cite web|url=http://cio.nist.gov/esd/emaildir/lists/cc-cmt/msg01706.html |title=Archived copy |access-date=March 21, 2013 |url-status=dead |archive-url=https://web.archive.org/web/20130307044459/http://cio.nist.gov/esd/emaildir/lists/cc-cmt/msg01706.html |archive-date=March 7, 2013 }}</ref> Also, zeroisation may need to be applied not only to the key, but also to a [[plaintext]] and some intermediate values. A cryptographic software developer must have an intimate understanding of [[memory management]] in a machine, and be prepared to zeroise data whenever a sensitive device might move outside the security boundary. Typically this will involve overwriting the data with zeroes, but in the case of some types of [[non-volatile storage]] the process is much more complex; see ''[[data remanence]]''.

As well as zeroising data due to memory management, software designers consider performing zeroisation:
* When an application changes mode (e.g. to a test mode) or user;
* When a [[computer process]] changes [[computer security|privileges]];
* On termination (including abnormal termination);
* On any error condition which may indicate instability or tampering;
* Upon user request;
* Immediately, the last time the parameter is required; and
* Possibly if a parameter has not been required for some time.
Informally, software developers may also use '''zeroise''' to mean any overwriting of sensitive data, not necessarily of a cryptographic nature.

==Tamper resistant hardware==
In [[tamper resistance|tamper resistant]] hardware, automatic zeroisation may be initiated when tampering is detected. Such hardware may be rated for '''cold zeroisation''', the ability to zeroise itself without its normal [[power supply]] enabled.

==Standards==
Standards for zeroisation are specified in [[American National Standards Institute|ANSI]] X9.17 and [[FIPS 140-2]].

==See also==
* [[Crypto-shredding]]

==References==
{{reflist}}

[[Category:Key management]]