Why Zeroize? Let's dig in.
This eBook will help you understand the basic concepts of zeroization, why it is necessary, and when to use it for improved cybersecurity.
UPDATE - June 2020
FIPS 140-3 enhances the requirements of secure data destruction (known as zeroisation) in some important ways. AEGISOLVE has prepared an Addendum to our eBook in this regard for your reading pleasure.
Zeroization is Required for FIPS 140-2.
This requirement is necessary to ensure that module secrets do not fall into the hands of the wrong people during various phases of a module’s lifetime, e.g., emergency situations such as an eminent take-over by enemy forces, module repurposing, or simply the end-of-life of the cryptographic module. Additionally, zeroization is relevant to all cryptographic modules, at all four security levels (1-4) of the FIPS 140-2.
But what level of zeroization is required for your needs? This guide will walk you through the 4 levels and help you understand the intent and practices behind quality zeroization.
What you’ll learn by reading this eBook:
- A technical and practical definition of zeroization
- When and why to use zeroization
- Physical requirements for zeroization
- The various levels of zeroization according to FIPS 140-2 standards
- Media Sanitation as Specified in NIST SP 800-88r1
- The impact of FIPS 140-3 on zeroization (now zeroisation)