The Expert’s Guide to Data Privacy: 7 Advanced Algorithms for Permanent File and Folder Removal

Computer Forensics + Digital Forensics Anjali Singhal todayJanuary 8, 2024

Background
share close

There is no security in deletion. In a file system, deleting a file just deletes the file’s entry (pointer) from the file index. Consequently, the actual data is still present on the disk and is simply retrievable with the use of a simple data recovery program. Thus, before discarding, donating, or otherwise getting rid of your storage devices, make sure all of the data on them is entirely erased using a data erasure program.

Why Data Erasure Tool?

A data erasure tool provides erasure techniques to guarantee that data is permanently erased and cannot be recovered. Erasure algorithms are a collection of guidelines and directives, or, to put it another way, a formula for erasing data from a memory device by simultaneously confirming it and overwriting it with random data bits (values/characters) one, two, or more times.

Globally, a variety of data erasure techniques are employed to eradicate sensitive, private, and confidential data entirely from memory devices, including hard drives, SSDs, SD cards, Flash drives, and the like, beyond the point of recovery. The most well-known military institutions in the world, including the US Department of Defence, as well as national and international governments, have created some of these erasure algorithms. These algorithms are made to make sure their private and secret files and data don’t leak, don’t end up in the hands of an enemy or unauthorized party, and can’t be recovered using any method that is commercially available.

Here are a few of the best data erasure standards & algorithms that you, as an individual or business, can utilize to guarantee data security and sanitization.

1. U.S. Department of Defense (DoD 5220.22-M)

The DOD 5220.22-M, as defined by the US National Industrial Security Program (NISP), is also known as DOD 5220.2-M (notice that.22-M has been substituted with.2-M). The Defence Security Service (DSS) created it as a safe data sanitization method. It is also one of the most popular, safest, and improved erasure standards for data sanitization; it is applied in three and seven passes with different verification intervals.

Below are few other popular versions of the DoD 5220.2-M:

  1. DoD 5220.22-M (ECE) – Overwrites data 7 times (7passes)
  2. DoD 5220.22-M (E) – Overwrites data 3 times (3 passes)
  3. DoD 5220.28-M -STD – Overwrites data 7 times (7 passes)

The difference between them is that each one uses a character and its’ complement in different verification frequencies and number of passes.

3 Passes

  • Pass 1: Writes zero and verify
  • Pass 2: Write one (compliment of value of first run) and verify
  • Pass 3: Write pseudo¬random values and verify

7 Passes

  • Pass 1-3: Overwrite data with DoD 5220.22-M (E)
  • Pass 4: Overwrite with pseudo-random values
  • Pass 5: Overwrite data with DoD 5220.22-M (E) Standard

2. US Army AR 380-19

The US Army AR 380-19 data erasure method is defined & published by the US Army in the Army Regulation 380-19. This data erasure algorithm destroys the data in 3 passes as mentioned below:

  • Pass 1: It writes random character
  • Pass 2: Writes specified character on the drive (E.g. One)
  • Pass 3: Overwrites the complement of specified character i.e. Zero and then it verifies overwrites

3. US Air Force AFSSI-5020

The AFSSI-5020 was defined by the United States Air Force (USAF) in the Air Force System Security Instruction 5020. This data sanitization method uses zeros, ones, and pseudo-random values but in a different order and number of passes. It’s similar to the DoD 5220.22-M.

  • Pass 1: Overwrites Zero
  • Pass 2: Overwrites One
  • Pass 3: Overwrites a pseudo-random value and then verifies it

4. Canadian RCMP TSSIT OPS-II

This data sanitization algorithm was defined by the Royal Canadian Mounted Police (RCMP). It uses 6 passes of complementary repeated values and ends by overwriting a pseudo-random character with verification in 7th pass.

  • Pass 1: overwrites a fixed value (e.g. zero)
  • Pass 2: Overwrites complement of Pass 1 (i.e. one)
  • Pass 3: Overwrites complement of Pass 2 (zero)
  • Pass 4: Overwrites complement of Pass 3 (one)
  • Pass 5: Overwrites complement of Pass 4 (zero)
  • Pass 6: Overwrites complement of Pass 5 (one)
  • Pass 7: Overwrites a pseudo-random value and verifies the write

Unlike DoD 5220.22-M that verifies overwrite after each overwrite, this algorithm verifies overwrite in the 7th pass only.

5. British HMG IS5

The British HMG IS5 erasure standard uses 2 passes or 3 passes where it writes combination of Zero, One, & Random data with verification. British HMG IS5 3 pass is much more enhanced than the 2 passes.

2 pass British HMG IS5:

  • Pass 1: Writes Zero
  • Pass 2: Writes Random data and verifies it

3 Pass British HMG IS5

  • Pass 1: Writes Zero
  • Pass 2: Writes One
  • Pass 3: Writes Random data and verifies it

6. Peter Gutmann

Peter Gutmann created the Gutmann data sanitization technique in 1996. This data erasure tool is one of many that use software-based data sanitization standards to overwrite existing data on hard drives and other storage media.

The way the Peter Gutmann method operates is by making 35 passes over a set of pseudo-random values. It’s crucial to remember that the Gutmann method employs a complicated pattern from pass 5 to pass 31 in place of random values for the first and last four passes.

  • Pass 1-35: Overwrites pseudo-random values

Given that it was designed in the late 1900s, it’s possible that most of the passes don’t apply to contemporary drives. Additionally, depending on the file size and write speed of the memory device, erasing a single file 35 times can take several minutes, hours, or even days. Nonetheless, this method is among the best at eliminating all traces of data from the storage devices.

7. Russian Standard – GOST-R-50739-95

The GOST-R-50739-95 is a set of data erasure standards outlined by Russians to protect against unauthorized access to information. This data sanitization algorithm is implemented in the following ways:

Method 1:

  • Pass 1: Overwrites Zero
  • Pass 2: Overwrites random characters

Method 2:

  • Pass 1: Overwrites random characters

The number of passes and the kind of character that is written over the existing data are the only differences among all data erasure techniques. They can all delete data from a storage medium just as easily.

Conclusion:

In this blog, we talked about data security and the seven efficient data erasure algorithms that a person or group can utilize to clean up their data. Make sure there are no crucial files on a memory device that you might require later before wiping it. Data that has been destroyed by an erasure algorithm cannot be recovered under any circumstances, not even with the aid of current forensic technologies. So, proceed with extreme caution before doing any data sanitization.

Written by: Anjali Singhal

Tagged as: .

Rate it

Previous post

Similar posts

Post comments (0)

Leave a reply

Your email address will not be published. Required fields are marked *


Open chat
Hello, How can we help you?