Data Wiping Standards


Data wiping software like the application discussed in the Tip of the Night for February 14, 2016 may overwrite data according to any one of several widely recognized standards. Here's a brief overview of them.

1. DoD 5220.22-M method - was developed by the National Industrial Security Program, a federal government authority that manages the needs of private industry for access to classified information. (The United States Department of Defense, the Department of Energy, the CIA, and the Nuclear Regulatory Commission have authority over the NISP.) DoD 5220.22-M actually refers to a manual providing baseline standards for handling classified information. This method is a three-pass procedure which overwrites data with 1's, then with 0's, and then with random characters. This method is no longer used by the NISP and was never intended to be a standard for private, commercial users to wipe data. Be suspicious if you hear from a vendor that data erasing is performed with DoD 5220.22-M certification.

2. RCMP TSSIT OPS-II method - was developed by the Royal Canadian Mounted Police. This approach involves three passes of 0's, alternating with three passes of 1's, and then ending with random 1's and 0's - a total of seven passes altogether. Canada no longer uses this standard, instead opting for the CSEC ITSG-06 method, which writes either a 1 or a 0 on the first pass, the opposite digit on the second pass, and then a random character on the last pass.

3. Gutmann method - utilizes 35 passes. It begins and ends with 4 random write patterns. The 27 passes in between are designed to address magnetic media encoding. Peter Gutmann is known for claiming back in 1996 that overwritten data could be recovered by examining magnetic media with specialized microscopes. He notes that when a 1 is overwritten with a 0 there is an anomaly which can be detected. This method may not be effective with more modern hard drives.

4. PRNG method - Pseudo Random Number Generator overwrites with randomly generated digits in four to eight passes.

5. Quick erase - simply performs one pass, overwriting data with zeroes.
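
As an added example (not code from the wiping application mentioned above or from any of the standards bodies), the pass sequences in this list can be written down as data and applied to a single file in Python. The byte values used for 1's and 0's, the starting digit for CSEC ITSG-06, the 4-pass PRNG choice and the function names are assumptions; the Gutmann method is left out because its 27 middle patterns are not given here.

```python
import os

# Pass lists transcribed from the descriptions above: an int is a fixed fill
# byte, None means random data. Assumptions: "1's" = 0xFF, "0's" = 0x00,
# CSEC ITSG-06 starts with 0, and PRNG uses 4 of its "four to eight" passes.
SCHEMES = {
    "quick": [0x00],
    "dod-5220.22-m": [0xFF, 0x00, None],
    "rcmp-tssit-ops-ii": [0x00, 0xFF] * 3 + [None],
    "csec-itsg-06": [0x00, 0xFF, None],
    "prng": [None] * 4,
}
CHUNK = 1 << 20  # write 1 MiB at a time so large files need not fit in memory


def wipe_file(path, scheme):
    """Overwrite path in place, one full pass per entry; return the pass count.

    This only reaches the blocks the filesystem currently maps to the file.
    SSD wear levelling, remapped sectors, journals and copy-on-write
    filesystems can keep older copies that no file-level overwrite touches.
    """
    passes = SCHEMES[scheme]
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for fill in passes:
            f.seek(0)
            left = size
            while left:
                n = min(CHUNK, left)
                f.write(os.urandom(n) if fill is None else bytes([fill]) * n)
                left -= n
            f.flush()
            os.fsync(f.fileno())  # force this pass to the device before the next
    return len(passes)


def verify_fill(path, fill):
    """Return True if every byte of the file equals the fixed fill byte."""
    with open(path, "rb") as f:
        while chunk := f.read(CHUNK):
            if chunk.count(fill) != len(chunk):
                return False
    return True
```

Only schemes that end on a fixed pattern, such as the quick erase, can be checked with `verify_fill`; a final random pass can only be confirmed by comparing against what was there before.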