Crypto-shredding is the practice of rendering encrypted data unusable by deliberately deleting or overwriting the encryption keys: assuming the key is not later recovered and the encryption is not broken, the data should become irrecoverable, effectively permanently deleted or "shredded".[1] This requires that the data have been encrypted.
Data may be considered to exist in three states: data at rest, data in transit and data in use. General data security principles, such as in the CIA triad of confidentiality, integrity, and availability, require that all three states must be adequately protected. Deleting data at rest on storage media such as backup tapes, data stored in the cloud, computers, phones, or multi-function printers can present challenges when confidentiality of information is of concern. When encryption is in place, data disposal is more secure, as less data (only the key material) needs to be destroyed.