7 Powerful Algorithms for Permanently Erasing Files and Folders

Digital Forensics Jay Ravtole todayMarch 26, 2024

Background
share close

Error deleting is never safe. In a file system, deleting a file just deletes the file’s entry (pointer) from the file index. Consequently, the actual data is still present on the disk and is simply retrievable with the use of a simple data recovery program. Thus, before discarding, donating, or otherwise getting rid of your storage devices, make sure all of the data on them is entirely erased using a data erasure program.

A data erasing tool provides a variety of erasure techniques to guarantee that data is permanently erased and cannot be recovered. Erasure algorithms are a collection of guidelines and directives, or, to put it another way, a formula for erasing data from a memory device by simultaneously confirming it and overwriting it with random data bits (values/characters) one, two, or more times.

Globally, a variety of data erasure techniques are employed to remove sensitive, private, and confidential data entirely from memory devices, including hard drives, SSDs, SD cards, Flash drives, and the like, beyond the point of recovery. The most well-known military institutions in the world, including the US Department of Defense, as well as national and international governments, have created some of these erasure algorithms. These algorithms are made to make sure their private and secret files and data don’t leak, don’t end up in the hands of an enemy or unauthorized party, and can’t be recovered using any method that is commercially available.

Here are a few of the best data erasure standards & algorithms that you, as an individual or business, can utilize to guarantee data security and sanitization.

1. U.S. Department of Defense (DoD 5220.22-M)

The DOD 5220.22-M, as defined by the US National Industrial Security Program (NISP), is also known as DOD 5220.2-M (notice that 22-M has been substituted with 2-M). The Defense Security Service (DSS) created it as a safe data sanitization method. It is also one of the most popular, safest, and improved erasure standards for data sanitization; it is applied in three and seven passes with different verification intervals.

Below are a few other popular versions of the DoD 5220.2-M:

  • DoD 5220.22-M (ECE) – Overwrites data 7 times (7passes)
  • DoD 5220.22-M (E) – Overwrites data 3 times (3 passes)
  • DoD 5220.28-M -STD – Overwrites data 7 times (7 passes)

The distinction between them is that each employs a character and its complement in varying verification frequencies and number of passes.

3 Passes

  • Pass 1: Writes zero and verify
  • Pass 2: Write one (compliment of the value of the first run) and verify
  • Pass 3: Write pseudo¬random values and verify

7 Passes

  • Pass 1-3: Overwrite data with DoD 5220.22-M (E)
  • Pass 4: Overwrite with pseudo-random values
  • Pass 5: Overwrite data with DoD 5220.22-M (E) Standard

2. US Army AR 380-19

The US Army defined and published the AR 380-19 data erasing procedure in Army Regulation 380-19. This data erasure algorithm eliminates the data in three stages, as described below.

  • Pass 1: It writes random character
  • Pass 2: Writes specified character on the drive (E.g. One)
  • Pass 3: Overwrites the complement of specified character i.e. Zero and then it verifies overwrites

3. US Air Force AFSSI-5020

The United States Air Force (USAF) defined the AFSSI-5020 in its Air Force System Security Instruction 5020. This data sanitization approach employs zeros, ones, and pseudo-random values, however in a different order and number of passes. It is similar to DoD 5220.22-M.

  • Pass 1: Overwrites Zero
  • Pass 2: Overwrites One
  • Pass 3: Overwrites a pseudo-random value and then verifies it

4. Canadian RCMP TSSIT OPS-II

The Royal Canadian Mounted Police defined this data sanitization algorithm. It uses six runs of complimentary repeating values before overwriting a pseudo-random character with verification on the seventh iteration.

  • Pass 1: overwrites a fixed value (e.g. zero)
  • Pass 2: Overwrites complement of Pass 1 (i.e. one)
  • Pass 3: Overwrites complement of Pass 2 (zero)
  • Pass 4: Overwrites complement of Pass 3 (one)
  • Pass 5: Overwrites complement of Pass 4 (zero)
  • Pass 6: Overwrites complement of Pass 5 (one)
  • Pass 7: Overwrites a pseudo-random value and verifies the write

Unlike DoD 5220.22-M that verifies overwrite after each overwrite, this algorithm verifies overwrite in the 7th pass only.

5. British HMG IS5

The British HMG IS5 erasure standard employs two or three passes to write a combination of zero, one, and random data with verification. The British HMG IS5 three pass is far superior to the two passes.

2 pass British HMG IS5:

  • Pass 1: Writes Zero
  • Pass 2: Writes Random data and verifies it

3 Pass British HMG IS5

  • Pass 1: Writes Zero
  • Pass 2: Writes One
  • Pass 3: Writes Random data and verifies it

6. Peter Gutmann

Peter Gutmann invented the Gutmann data sanitization technique in 1996. It is one of several software-based data sanitization standards used by data erasure tools to overwrite existing data on a hard disk or other storage media.

The Peter Gutmann algorithm works by repeatedly overwriting some pseudo-random values (35 passes). The Gutmann method uses random values for the first and last four passes, followed by a complex pattern from passes 5 to 31.

Pass 1-35: Overwrites pseudo-random values

Because this was designed in the late 1900s, most of the passes may not be applicable to modern drives. Erasing a single file 35 can take from minutes to hours or days, depending on the file size and write speed of the memory media. Nonetheless, this method is one of the most effective at removing all traces of data from storage systems.

7. Russian Standard – GOST-R-50739-95

GOST-R-50739-95 is a set of data erasure standards developed by Russians to prevent unwanted access to information. This data sanitization algorithm is applied in the following ways:

Method 1:

  • Pass 1: Overwrites Zero
  • Pass 2: Overwrites random characters

Method 2:

Pass 1: Overwrites random characters

All data erasure methods are quite similar apart from the number of passes and what or how the character is written over existing data. They all are equally capable of destroying the data from a storage media. But with a tool such as Stellar File Eraser, you can choose your desired data erasure algorithm to accomplish the data sanitization. Unlike other erasure tools, the Stellar File Eraser also generates a certificate of erasure that gives you complete peace of mind and guarantees that the data is destroyed permanently beyond the scope of recovery.

Conclusion:

We talked about data security and seven practical data erasure algorithms that any individual or organization can utilize to sanitize data. Before wiping a memory device, be sure there are no vital files that you will require later. When you employ an erasure algorithm to wipe data, it cannot be recovered under any circumstances, including with available forensic tools. Thus, exercise extreme caution before starting with data sanitization.

Written by: Jay Ravtole

Tagged as: .

Rate it

Previous post

Similar posts

Post comments (0)

Leave a reply

Your email address will not be published. Required fields are marked *


Open chat
Hello, How can we help you?