Predefined sanitization standards

Gutmann's maximum security sanitize method (35 passes)

A maximum security (but slow) 35-pass sanitize method, based on Peter Gutmann's paper "Secure Deletion of Data from Magnetic and Solid-State Memory". The method is designed to erase data regardless of the disk's raw encoding. It effectively removes the magnetic remnants from the disk, preventing hardware recovery tools from restoring any data.

NOTE: This method stops both software and hardware recovery tools.

3+7+3 Beyond DoD Standards algorithm (13 passes)

A secure (but slower) 13-pass wipe method, exceeding the U.S. Department of Defense (DoD) standards. The first 3 passes use random patterns, the next 7 passes are the standard passes from the DoD standard, and the last 3 passes use random patterns. The last pass is checked. It can be used to wipe data on compressed drives.

U.S. Department of Defense Sanitizing (DOD 5220.22-M) (7 passes)

A high security (and slower) 7-pass sanitize method, matching the U.S. Department of Defense standards (DOD 5220.22-M). The method first overwrites with 01010101. The second overwrite is performed with 10101010. This cycle is repeated three times. The final overwrite is made using unclassified data (random characters). This method also meets the NAVSO P5239-26, AFSSI-5020 and AR380-19 standards.

NB. Schneier's algorithm (7 passes)

Bruce Schneier offers a seven-pass overwriting algorithm in his book Applied Cryptography. The first pass overwrites all disk data with 0xFF patterns, the second pass with 0x00 patterns, and the remaining five passes with a cryptographically secure pseudo-random sequence.

German VSITR (7 passes)

The German VSITR method is a seven-pass overwriting algorithm. The first 6 passes overwrite with alternating sequences of 0x00 and 0xFF, and the 7th pass overwrites with 0xAA.

Russian GOST P50739-95 (6 passes)

1 Logical zeros (0x00 numbers) to each byte of each sector for 6th to 4th security level systems. Randomly selected symbols (numbers) to each byte of each sector for 3rd to 1st security level systems.

AFSSI-5020 (3 passes)

AFSSI-5020 is the USAF Cryptologic Support Center's version of the DOD 5220.22-M purging standard. This deletion method first overwrites the target data area with the fixed value (0x00), then with the fixed value (0xff), and then with a randomly selected constant. Finally, at least 10% of the drive is read to verify the overwrites.

NAVSO P-5239-26 (MFM) (3 passes)

Navy Staff Office Publication (NAVSO PUB) 5239, "Information Systems Security (INFO SEC) Program Guidelines", is issued by the Naval Information Systems Management Center. Disk controllers use a variety of encoding techniques to convert computer data to a format suitable for magnetic data storage media. Typically, ST506-style disk drives use MFM encoding; SCSI and ATA/IDE drives use a Run Length Limited (RLL) encoding scheme. This method implements the MFM pattern.

NAVSO P-5239-26 (RLL) (3 passes)

Navy Staff Office Publication (NAVSO PUB) 5239, "Information Systems Security (INFO SEC) Program Guidelines", is issued by the Naval Information Systems Management Center. Disk controllers use a variety of encoding techniques to convert computer data to a format suitable for magnetic data storage media. Typically, ST506-style disk drives use MFM encoding; SCSI and ATA/IDE drives use a Run Length Limited (RLL) encoding scheme. If you are uncertain as to the drive encoding technique, use the RLL pattern.

Single-pass quick sanitize method, with random characters (1 pass)

A quick, single-pass sanitize method that overwrites all disk data with random characters (patterns). This type of sanitizing is able to stop all software recovery tools (unformat and unerase tools, low-level disk editors, etc.) from recovering the original data stored on disk. This method leaves the entire disk surface filled with unclassified (random) information and no trace of the original data.

Single-pass quick sanitize method, with zeros (1 pass)

A quick, single-pass sanitize method that overwrites all disk data with zero characters (patterns). This type of sanitizing is able to stop all software recovery tools (unformat and unerase tools, low-level disk editors, etc.) from recovering the original data stored on disk. This is the U.S. Department of Defense approved method for clearing disks (but NOT for sanitizing disks with secret information).
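
The pass sequences described above for DOD 5220.22-M, Schneier, VSITR, AFSSI-5020 and the two single-pass methods, written out as an added Python example (not East-Tec's code) that overwrites a regular file in place and reads the final pass back. The schedule keys and the `overwrite` and `verify` names are assumptions made for this illustration, and the code assumes a filesystem that rewrites a file's existing blocks in place.

```python
import os

RANDOM = object()    # marker: fresh random bytes for the whole pass
CONSTANT = object()  # marker: one randomly chosen byte value, repeated

# Pass schedules transcribed from the descriptions on this page.
SCHEDULES = {
    "dod-5220.22-m": [b"\x55", b"\xaa"] * 3 + [RANDOM],  # 01010101/10101010 x3, then random
    "schneier":      [b"\xff", b"\x00"] + [RANDOM] * 5,
    "vsitr":         [b"\x00", b"\xff"] * 3 + [b"\xaa"],
    "afssi-5020":    [b"\x00", b"\xff", CONSTANT],
    "random-1":      [RANDOM],
    "zero-1":        [b"\x00"],
}


def overwrite(path, method, chunk=64 * 1024):
    """Run every pass of `method` over the file in place.

    Returns the fixed byte written by the final pass, or None if it was random.
    """
    size = os.path.getsize(path)
    last = None
    with open(path, "r+b") as f:
        for pattern in SCHEDULES[method]:
            if pattern is CONSTANT:
                pattern = os.urandom(1)
            f.seek(0)
            remaining = size
            while remaining > 0:
                n = min(chunk, remaining)
                f.write(os.urandom(n) if pattern is RANDOM else pattern * n)
                remaining -= n
            f.flush()
            os.fsync(f.fileno())  # push this pass to the device before the next
            last = None if pattern is RANDOM else pattern
    return last


def verify(path, expected, chunk=64 * 1024):
    """Read the whole file back and confirm every byte equals `expected`."""
    with open(path, "rb") as f:
        while block := f.read(chunk):
            if block.count(expected) != len(block):
                return False
    return True
```

A fixed-pattern final pass (VSITR, AFSSI-5020, zeros) can be checked with `verify(path, overwrite(path, method))`; this reads back the entire file rather than the 10% minimum AFSSI-5020 requires.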