As more and more computer data is generated, there is a need for efficient and reliable data storage systems. In order to store data more efficiently, some storage systems break the computer data into segments and deduplicate the storage of the segments; before storing each segment, the storage system checks if the segment has been previously stored, and if it has been previously stored, a reference to the previously stored segment is stored instead of the segment.
Data shredding is typically accomplished in a conventional storage system either by writing multiple times over the region storing the data, or by destroying the decryption information for data that was cryptographically encrypted before being stored. Because decryption information is typically much smaller than the original data, shredding by destroying decryption information can be much faster than by overwriting the original data. However, since a segment can be shared by multiple files in a segment deduplication storage system, shredding cannot be achieved by deleting decryption information used to encrypt the segments that make up a file.