Spirnia
Contributor III

CCSP: Cryptoshredding

Hi, 

 

I am wondering about the steps in cryptoshredding.

 

I was under the impression that you delete the key only.

 

But, the official online curriculum says the following:

 

Screenshot 2025-04-23 112140.png

 

So, is data re-written during cryptoshredding or is only the key destroyed?

17 Replies
Spirnia
Contributor III

Thank you so much!

CBMExamTeam
ISC2 Team

@dcontesti Hello,

Thank you for reaching out.

I have forwarded your request to the people I hope will be able to help. Either someone will respond via Community or I'll let you know when my resource(s) reply.

Christine

Exam Admin

Exam Security

CBMExamTeam
ISC2 Team

@dcontesti @Spirnia Hello again,

 

I'm pleased to tell you that two of our content experts (also part of our Standards & Practice team) will be responding to you once they've had the chance to review the discussion here on Community.

Please be patient; you will receive a response.

 

 

Christine

Exam Administration

Exam Security

Spirnia
Contributor III

Thank you so much!

dcontesti
Community Champion

Many thanks for the assist on this one.

 

d

 

WillO_317
Viewer

Technically, you are on the right track; however, the terms ‘cryptographic erasure’, ‘crypto-shredding’, and ‘digital shredding’ are used somewhat interchangeably. The text muddies the water a bit by the statement "to perform proper crypto-shredding..."

 

By definition, Crypto-shredding is “A method of Sanitization in which the Media Encryption Key (MEK) for the encrypted Target Data (or the Key Encryption Key –KEK) is sanitized, making recovery of the decrypted Target Data Infeasible” (NIST SP 800-88r1).   

 

Crypto-shredding is not this process; it is merely one portion of a larger cryptographic erasure process.

 

As an aside, I would disagree that the key is the ‘ONLY thing touched', as that may not be sufficient.
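The MEK/KEK relationship in the NIST definition quoted above, as an added sketch that is not part of the thread or of ISC2 material: Target Data is encrypted under an MEK, the MEK is stored only wrapped under a KEK, and sanitizing the KEK makes both unrecoverable. `KekSlot`, `seal` and `unseal` are hypothetical names, and the HMAC-based keystream is a standard-library stand-in for a real cipher such as AES-GCM.

```python
import hashlib, hmac, secrets

def _keys(key):  # separate encryption and MAC keys derived from one key
    return tuple(hmac.new(key, t, hashlib.sha256).digest() for t in (b"enc", b"mac"))

def _xor_stream(key, nonce, data):
    # Stand-in cipher: HMAC-SHA256 counter keystream. Use AES-GCM in practice.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def seal(key, plaintext):
    enc_k, mac_k = _keys(key)
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(enc_k, nonce, plaintext)
    return nonce + ct + hmac.new(mac_k, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    enc_k, mac_k = _keys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_k, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed: wrong or sanitized key")
    return _xor_stream(enc_k, nonce, ct)

class KekSlot:
    """Hypothetical key-store slot assumed to hold the only copy of the KEK."""
    def __init__(self):
        self._kek = bytearray(secrets.token_bytes(32))
    def wrap(self, mek):
        return seal(bytes(self._kek), mek)
    def unwrap(self, wrapped):
        return unseal(bytes(self._kek), wrapped)
    def sanitize(self):  # models key sanitization; a real HSM/KMS destroys the key
        self._kek[:] = bytes(len(self._kek))

def demo():
    slot, mek = KekSlot(), secrets.token_bytes(32)
    target = seal(mek, b"constructed sample record")    # Target Data under the MEK
    wrapped_mek = slot.wrap(mek)                         # MEK persists only KEK-wrapped
    before = unseal(slot.unwrap(wrapped_mek), target)    # readable while the KEK exists
    slot.sanitize()                                      # crypto-shred: only the KEK is touched
    try:
        unseal(slot.unwrap(wrapped_mek), target)
        recoverable = True
    except ValueError:
        recoverable = False
    return before, recoverable
```

The stored ciphertext is never rewritten in this sketch. The result holds only if no other copy of the KEK or of the unwrapped MEK exists, for example in a backup or key escrow.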

WillO_317
Viewer

I will also add that ISC2 has marked this one for clarification/correction in its upcoming edits.  Thank you for engaging in this discussion.

Spirnia
Contributor III

Thank you for providing the definition from NIST.

 

I didn’t think to look there!