echo "[`date +"%a %T"`] $1 deleted"
The script in Listing 3 first fills the disk with zeros, then with random data, and then with zeros again. Three
rounds are normally sufficient. On the downside, the program will take a few hours to wipe an 80 GB hard
disk.
Data protection officers will typically opt for seven rounds, as does the US DOD 5220.22-M standard. The
Peter Gutmann algorithm - which is the most modern of our candidates from a technological point of view -
mandates 35 rounds and requires a lot of patience on the part of the user. If you check the disk after
completing the process, you should see nothing but zeros.
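The zeros/random/zeros sequence described above, together with the closing check that the target reads back as nothing but zeros, as an added POSIX shell example (not Listing 3 itself, of which the page shows only the final line). It assumes TARGET is a block device or a regular file that you intend to overwrite in place.

```shell
#!/bin/sh
# Three-pass overwrite: zeros, random data, zeros (the pattern of Listing 3).
# Added example; TARGET is an assumption (a block device or a regular file).
set -eu

# Size of the target in bytes. Reads it through once, which works for files
# and devices alike; on Linux, blockdev --getsize64 is faster for devices.
target_size() {
    wc -c < "$1" | tr -d ' '
}

# One pass: copy exactly $2 bytes from source $1 over target $3, in place.
# conv=notrunc keeps the file's existing blocks instead of reallocating them.
overwrite_pass() {
    head -c "$2" "$1" | dd of="$3" bs=1M conv=notrunc 2>/dev/null
}

wipe_three_pass() {
    target=$1
    size=$(target_size "$target")
    echo "[$(date +'%a %T')] pass 1/3: zeros  -> $target"
    overwrite_pass /dev/zero    "$size" "$target"
    echo "[$(date +'%a %T')] pass 2/3: random -> $target"
    overwrite_pass /dev/urandom "$size" "$target"
    echo "[$(date +'%a %T')] pass 3/3: zeros  -> $target"
    overwrite_pass /dev/zero    "$size" "$target"
    sync
    echo "[$(date +'%a %T')] $target wiped"
}

# Check: after the last pass the whole target must compare equal to zeros.
# Returns 0 when every byte is zero, 1 otherwise.
verify_all_zero() {
    size=$(target_size "$1")
    head -c "$size" /dev/zero | cmp -s - "$1"
}
```

Because the passes write in place, the caveat from the Wipe discussion still applies: a filesystem that relocates overwritten files defeats this check.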
Pure Coincidence?
The special device files, /dev/random and /dev/urandom, use a kernel-based driver to generate
pseudo-random numbers. The term "pseudo" points to a well-known limitation in computing: computers
cannot generate genuinely random numbers, only values that are more or less random.
This said, /dev/random and /dev/urandom generate numbers with a sufficient degree of randomness for most
cryptographic applications on a PC.
When generating random sequences, the kernel-based random number generator draws on various internal
values and attached devices to achieve sufficient entropy. Entropy expresses the degree of randomness of a
sequence of numbers generated in a specific period of time.
Applications read a bytestream from the /dev/random and /dev/urandom files. In contrast to /dev/urandom,
/dev/random only provides a byte if a sufficient degree of entropy has been achieved. If this is not the case,
the device blocks the output until sufficient data has accumulated to ensure a good level of entropy for the
values.
As it can take a while for this to happen, the non-blocking I/O mode lets you remove the block, but this does
not improve the output speed. The bytes provided by /dev/random give you cryptographically stronger
random numbers, and they are safe enough to use for longer-lived ciphers and as high-quality key material.
/dev/urandom does not honor the level of entropy mandated by the kernel-based generator. Lower entropy
does not interrupt the byte stream.
This fact makes the random numbers more "pseudo" than ever, but you have to remember that it isn't always
necessary to aim for top marks in cryptography.
In fact, /dev/urandom is fine for temporary keys, such as session keys in web sessions, for filling up disk
space with noise, or for short-term authentication in challenge-response scenarios.
Deleting Individual Files
Something similar to the approach shown by the script in Listing 3 can theoretically be applied to delete a
single file from a disk. But this program is not up to recursive deletion of whole directories, and you might
prefer to look for an alternative or to enhance the program to meet your needs.
Applications such as Wipe give you more convenience. Most distributions include the tool, which lets you
delete whole directory trees:
wipe -r directory
However, you can only rely on Wipe if you disable your hard disk's write cache. The program requests
exclusive access to the disk for each round, as the project homepage explains [6].
Under normal circumstances you should be fine with a kernel that supports mandatory locking, assuming you
remember to specify the mand option when mounting. If your system does not fulfill these requirements, or if
the filesystem moves files that it overwrites to a different location, programs such as Wipe will be no use, or
even worse, as they give you a false sense of security.
Wipe uses Peter Gutmann patterns to create the strings it uses for overwriting. To do so, it accesses the special
/dev/urandom and /dev/random files, which provide the required level of entropy. To speed things up, Wipe
also uses the Mersenne Twister pseudo-random number generator (PRNG).
Conclusions
It is interesting to note that the US Department of Defense stipulates physical destruction of magnetic media
containing highly confidential data. Whenever you handle sensitive data, you should always be aware that
there is no such thing as perfect software. On a brighter note, Linux tools should give most users more than
enough security.
INFO
[1] Retrieving deleted data on Linux: http://wiki.yak.net/592
[2] Retrieving data from an Ext2 file system: http://www.faqs.org/docs/Linux-mini/Ext2fs-Undeletion.html
[3] Guidelines for handling confidential data in US offices: http://www.dss.mil/isec/nispom_0195.htm
[4] Bruce Schneier's homepage: http://www.schneier.com
[5] Peter Gutmann's homepage: http://www.cs.auckland.ac.nz/~pgut001
[6] Wipe: http://wipe.sourceforge.net