1996-09-12 - Re: Erasing Disks

Header Data

From: frantz@netcom.com (Bill Frantz)
To: cypherpunks@toad.com
Message Hash: 3f6d1493d88336e1c39a48ccdcbb22dadd6c50f47d96585dcc3be8b1153969c7
Message ID: <199609120609.XAA05442@netcom8.netcom.com>
Reply To: N/A
UTC Datetime: 1996-09-12 08:19:23 UTC
Raw Date: Thu, 12 Sep 1996 16:19:23 +0800

Raw message

From: frantz@netcom.com (Bill Frantz)
Date: Thu, 12 Sep 1996 16:19:23 +0800
To: cypherpunks@toad.com
Subject: Re: Erasing Disks
Message-ID: <199609120609.XAA05442@netcom8.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


I was asked of an outline of Peter Gutmann's paper, "Secure Deletion of
Data from Magnetic and Solid-State Memory" in The Sixth USENIX Security
Symposium Proceedings in private mail.  Since I think the question is of
general interest I am posting the answer and Bccing the original
questioner.

The paper starts with the comment that most secure data destruction guides
are classified.  There is the suspicion that the unclassified ones do not
cover the newer recording materials and techniques, and will not protect
you against government attackers.

The analysis techniques for disks examined were Magnetic Force Microscopy
(MFM) and its close cousin, Magnetic Force Scanning Tunneling Microscopy
(STM).  "It is possible to build a reasonably capable SPM for about
US$1400, using a PC as a controller." (See
http://www.skypoint.com/~members/jrice/STMWebPage.html)  This cost is
conceivably within the range of a high school student.

Peter discusses the way that data can be recovered from under new data (due
to the difference in the magnetic domains depending on whether the bits
were the same or different), and beside new data due to positioning errors
of the head.

When trying to develop a secure erasure technique, you need to know the
encoding technique used on the disk.  (e.g. FM, MFM, RLL, PRML etc.)

He recommends a 35 pass erasure scheme as follows:

1-4     Random
5       0x55
6       0xAA
7       0x924924
8       0x492492
9       0x249249
10      0x00
11      0x11
12      0x22
13      0x33
14      0x44
15      0x55
16      0x66
17      0x77
18      0x88
19      0x99
20      0xAA
21      0xBB
22      0xCC
23      0xDD
24      0xEE
25      0xFF
26      0x924924
27      0x492492
28      0x249249
29      0x6DB6DB
30      0xB6DB6D
31      0xDB6DB6
32-35   Random

He recommends using cryptographically random numbers and randomly permuting
the deterministic passes to further confuse attackers.

He warns about disabling any disk caches which may be present, and
discusses the problems of erasing data on now-bad sectors.  He points out
that data which has been left for a long time is harder to erase than
recently written data.  He mentions that the most powerful commercially
available deguassers aren't powerful enough to erase modern disks or DAT
tapes.  (N.B. Deguassing a disk will also erase the factory-written control
tracks, making the disk useless.)  He notes that ECC may make destruction
of data more difficult.

He recommends burning floppy disks.

He also discusses recovering data from DRAM and SRAM devices.  He mentions
that data which has been stored in DRAM for 10 minutes will be detectable
after power is removed.  He recommends that sensitive data (such as crypto
keys) have their bits flipped every second or so.  This technique has the
beneficial side effect that the page remains recently used and is less
likely to be paged out.\

I quote from his conclusion, "Data overwritten once or twice may be
recovered by subtracting what is expected to be read from a storage
location from what is actually read.  Data which is overwritten an
arbitrarily large number of times can still be recovered provided that the
new data isn't written to the same location as the original data (for
magnetic media), or that the recovery attempt is carried out fairly soon
after the new data was written (for RAM).  For this reason it is
effectively impossible to sanitize storage locations by simple overwriting
them, no matter how many overwrite passes are made or what data patterns
are written.  However by using the relatively simple methods presented in
this paper the task of an attacker can be made significantly more
difficult, if no prohibitively expensive."


-------------------------------------------------------------------------
Bill Frantz       | "Lone Star" - My personal  | Periwinkle -- Consulting
(408)356-8506     |  choice for best movie of  | 16345 Englewood Ave.
frantz@netcom.com |  1996                      | Los Gatos, CA 95032, USA







Thread