How to properly erase/scrub/wipe a hard drive?

Discussion in 'privacy technology' started by KrazyKong, Aug 18, 2010.

Thread Status:
Not open for further replies.
  1. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz
    So you are saying that when I create a TrueCrypt folder that it does not overwrite the space that it occupies?
     
  2. KrazyKong

    KrazyKong Registered Member

    Joined:
    Aug 18, 2010
    Posts:
    9
    Now I'm confused too. Someone had said earlier in this topic that using TrueCrypt on a drive and throwing away the key would in essence wipe the drive. I've never used TrueCrypt before.

    Do you use TrueCrypt and then it asks you how big a container you want? and then you say the whole drive, or 100mb etc.?
     
  3. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    If it does overwrite all of the space of the container, then that would take time and we're back with simply filling the drive with random data.

    TC and other FDE software only encrypts the data that needs to be encrypted and encrypts it on the fly. This is why it is recommended to wipe the partition/container with random data *before* encrypting. That way the encrypted data cannot be told apart from "blank space," which makes the job much more difficult for an attacker. I don't know if TC wipes before encrypting or not (I would imagine it does).

    So, again, the drive has to be wiped *before* encryption. Therefore, the encryption itself is superfluous when we're talking about disk wiping techniques.
     
  4. hierophant

    hierophant Registered Member

    Joined:
    Dec 18, 2009
    Posts:
    854
    What about whole-disk encryption? Or would that take at least as long as wiping the disk?
     
  5. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Yep, whatever area you plan to encrypt should be filled with random data first. You don't have to, but it helps security a lot.

    For instance, say you want to encrypt a 50 GB container and it looks like this initially:

    ------------
    000000000
    000000000
    000000000
    000000000
    000000000
    000000000
    ------------

    Bunch of zeroes, right? Well if you don't wipe it, then when your real data gets in there, it will look something like this:

    -------------
    001100010
    101110010
    000101100
    000000000
    000000000
    000000000
    -------------

    Notice how it's very easy to tell where the real data begins and ends. This makes cryptanalysis easier because an attacker knows what is the target data and what isn't. Of course, it is unlikely your drive will be all zeroes; in reality it will be a mix of 0's and 1's (unless you specifically wiped it with zeros). However, the original "blank space" will not be random and thus can be distinguished from random data (which is the encrypted data).

    Bottom line: when you encrypt a container, partition or drive, the encryption cipher doesn't just magically scramble the entire space -- it only scrambles what it needs to scramble.
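
    The point about telling used space from untouched space can be checked with a per-block entropy map. The following Python sketch is an added example, not part of the original post; the 4 KiB block size, the 7.9 bits/byte cut-off, the SHAKE-256 stand-in for cipher output and both sample containers are constructed assumptions.

```python
import hashlib
import math
from collections import Counter

BLOCK = 4096  # analysis granularity in bytes (assumption)

def entropy(block: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for constant data, 8.0 for uniform."""
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in Counter(block).values())

def classify(block: bytes) -> str:
    if block.count(0) == len(block):
        return "zero"
    # Uniformly random 4 KiB blocks measure about 7.95 bits/byte; 7.9 is an
    # assumed cut-off, not a value from the thread.
    return "random-looking" if entropy(block) > 7.9 else "structured"

def map_regions(image: bytes, block: int = BLOCK):
    """Collapse per-block labels into (label, first_block, block_count) runs."""
    runs = []
    for off in range(0, len(image), block):
        label = classify(image[off:off + block])
        if runs and runs[-1][0] == label:
            runs[-1][2] += 1
        else:
            runs.append([label, off // block, 1])
    return [tuple(r) for r in runs]

def keystream(n: int, seed: bytes) -> bytes:
    """Constructed stand-in for cipher output or a random fill (SHAKE-256)."""
    return hashlib.shake_256(seed).digest(n)

def sample_images():
    """Two constructed 8-block containers, each holding 3 blocks of ciphertext."""
    stale = (b"invoice_2010.xls;customer list;" * 300)[:2 * BLOCK]
    unwiped = keystream(3 * BLOCK, b"data") + stale + bytes(3 * BLOCK)
    prewiped = keystream(3 * BLOCK, b"data") + keystream(5 * BLOCK, b"fill")
    return unwiped, prewiped

if __name__ == "__main__":
    for name, img in zip(("unwiped", "pre-wiped"), sample_images()):
        print(name, map_regions(img))
```

    The same map, run over an image of a drive after a wipe, works as a coverage check: any "structured" run is a region the wipe did not reach.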
     
  6. hierophant

    hierophant Registered Member

    Joined:
    Dec 18, 2009
    Posts:
    854
    Thanks, chronomatic.

    So, let's say that I use TrueCrypt to encrypt an NTFS drive that's in use. Broadly speaking, there are three classes of sectors: (1) never been touched since format; (2) containing parts of files; (3) containing pieces of files that no longer exist per se.

    Is that accurate?

    If it is, which classes of sectors would TrueCrypt touch? Just 2 and 3? Or just 2?
     
  7. raspb3rry

    raspb3rry Registered Member

    Joined:
    Jun 8, 2010
    Posts:
    37
    Nope. TrueCrypt makes a container with a given size, and fills it with pseudo-random data, no matter how much actual data there is on the partition. Otherwise it would be impossible to use the plausible deniability option in TrueCrypt.

    I'm quite sure that any other serious encryption program does the same.
    But I don't know the quality of this pseudo-random data.

    See http://www.truecrypt.org/docs/?s=hidden-volume for explanation.
     
    Last edited: Aug 20, 2010
  8. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,328
    Location:
    Here, There and Everywhere
    Sorry folks, but I am absolutely certain that the encryption method works. Nobody could "look inside" the AES encrypted container or encrypted drive. It is not necessary to do anything more than the process required during the encryption of the drive. One might be able to tell something is there with cryptanalysis, but the contents would not be able to be identified. No file names. Nothing. Chronomatic is right if you are creating a "hidden partition"....you clearly then want it to look as if there is nothing there but random data.
     
  9. Warlockz

    Warlockz Registered Member

    Joined:
    Oct 30, 2008
    Posts:
    642
    I have read so much on forensic forums, and DBAN is more than enough to clean your drive without wasting your time encrypting or any other paranoid overkill. I guarantee you can send the HD to any lab and they will not find anything that is usable, period.
     
  10. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,328
    Location:
    Here, There and Everywhere
    And I agree with this. I was only offering another option.
     
  11. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,576
    I have used Terabyte's CopyWipe (freeware bootable CD) once (Strong Random Pattern followed by a "zero" write). There are many wiping strength options.

    http://www.terabyteunlimited.com/copywipe.php

    Another program which has several levels of hard drive/partition wiping is Partition Wizard's bootable CD. I have never used the hard drive/partition wiping feature of Partition Wizard's bootable CD. The Linux based GUI seems to be user friendly.

    http://www.partitionwizard.com/partition-wizard-bootable-cd.html
     
  12. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    You're missing the point. Look at the title of the thread -- we're discussing disk scrubbing techniques where someone said that you can merely encrypt the disk with Truecrypt and forget the key (implying that this is much faster than wiping the disk). However, as you point out, TC has to write random data to the disk before encrypting it, so we're still back to wiping the disk with random data. Therefore, why use TC at all?

    They do. I use dm-crypt/LUKS on Linux for my WDE and it wipes the space prior to encryption (but it is dog slow because it uses /dev/urandom which is cryptographically secure, but just slow).

    Yeah, PRNG's are a real issue a lot of people overlook. At least TC documents their PRNG, so I assume it's pretty decent, especially since it takes input from the user (mouse movements, etc.). This is about as good as one can get without a dedicated hardware RNG.
     
  13. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,328
    Location:
    Here, There and Everywhere
    Okay, chronomatic, let me try this one more time.....

    I offered it as another option as the OP was stressing the need not to see file names. Sometimes wiping software will leave file names or partial names. An encrypted disk would not offer the opportunity to forensically examine the disk for file names as the OP was concerned about. That's really pretty simple and to take note of the diversion of your last post, you first stated that it wouldn't work at all because it would be vulnerable to cryptanalysis - it wouldn't be.
     
  14. hierophant

    hierophant Registered Member

    Joined:
    Dec 18, 2009
    Posts:
    854
    According to the TrueCrypt FAQ, one can whole-disk encrypt without losing current data. As I recall, I've done that with PGP Desktop, and it took hours. Anyway, would that likely be faster than writing random data to the whole disk? Or would it be slower, because it has to move data around in the process?
     
  15. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    But why encrypt the disk at all? Why not just scrub it with random data? The encrypting is an unnecessary step. (And if you wipe the whole disk, there is no concern about leftover metadata).
     
  16. acuariano

    acuariano Registered Member

    Joined:
    Nov 4, 2005
    Posts:
    786
    The first poster says he tried some wiping software and it left some info on disk.
    He wants to know which program effectively wipes everything down.
    I wonder if KillDisk, WipeDrive, can do it now..
     
  17. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    For the purpose of wiping a modern hard disk drive, there is no evidence of which I am aware suggesting that the value of the bytes written to disk has any impact on the ability of an adversary to recover overwritten files. Thus, whether the wipe pattern is “pseudo-random” or “cryptographic random” or a constant (e.g., 0x00) should be irrelevant.
     
  18. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    From a practical perspective, I agree: encrypting a partition destroys the original data. However, there is always the (very remote) possibility that someday someone will discover a quick and easy way to circumvent AES and decrypt an encrypted volume. In contrast, wiping the disk volume with random bytes, for example, does not possess this theoretical disadvantage.
     
  19. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    I agree, and I am not sure why you are bringing this up as I never said anything to the contrary. If one wants to wipe a disk, zeros are as good as anything. You don't even need a PRNG. I only mentioned PRNG's as a tangent to the discussion.

    Encrypting only destroys the original data if you overwrite it first. Therefore, as I have said numerous times, why encrypt at all if your objective is just to overwrite a disk? The overwriting happens one way or another.
     
  20. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz
    I thought that creating a TrueCrypt folder would have the same effect on the space that it occupied as would a movie or something like that downloaded to the same space. I had always thought that it would completely overwrite that space with a bunch of random data. I am glad that you have corrected me.
     
  21. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    It does. TC will erase everything according to the size you've specified the container/partition should be. But the encryption itself only happens to individual files on the fly and not to the "empty space." Technically, that's what a block cipher is supposed to do -- scramble legit data so that it appears to be random noise. Without breaking the cipher, an attacker cannot discover what is random noise and what isn't. That's why TC and other programs overwrite all of the space first so that there is nothing non-random hanging around.

    At any rate, my only point was that encryption needs to overwrite the disk, so why use this method at all for disk scrubbing when you can just use DBAN or a Linux liveCd with something like dd if=/dev/urandom of=/dev/sdx? Unless TC is much faster at wiping the disk than other options, I see no reason to use it for this purpose.

    P.S. If you want something as strong as DBAN, yet MUCH faster, fire up a Linux LiveCD, open a terminal and type this:

    Code:
    dd if=/dev/random bs=1k count=1 | openssl enc -kfile /dev/fd/0 -in /dev/zero -aes-128-cbc > /dev/sdx
    Where "/dev/sdx" is the name of the disk where you want the data to be written. Likely it will be /dev/sda or /dev/sdb.

    This technique seeds the AES cipher (part of OpenSSL) which then outputs random data at a fast rate. On my average dual-core with a 7200 RPM drive, it writes about 3GB per minute. That means you could wipe a 500GB disk in less than 3 hours. This is much faster than /dev/urandom and somewhat faster than shred.
     
    Last edited: Aug 23, 2010
  22. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,328
    Location:
    Here, There and Everywhere
    You are failing to understand. I think you may not understand how whole disk encryption works. That's what we're talking about here. Full/Whole Disk Encryption. This would safely keep any and all files away from prying eyes. It would show there is data there, yes, but it would not show what the data is. Period.

    It requires nothing to be overwritten first.

    Again, full/whole drive encryption doesn't need to overwrite anything. With TrueCrypt you can encrypt your entire drive, wiping nothing, with data in place. You end up with a drive protected by Whole Disk Encryption without the need to wipe anything. The data is still there - but nobody can access it.

    Here's a discussion from 2006 when Bruce Schneier was questioning NIST not believing that fully encrypted data was good enough for disposal:
    http://www.schneier.com/blog/archives/2006/09/media_sanitizat.html
    Most all government agencies now allow disposal of computers protected by whole drive encryption. Again, this is with data in place (or data-at-rest) and nothing being wiped.

    This really isn't that difficult - or controversial!
     
  23. hierophant

    hierophant Registered Member

    Joined:
    Dec 18, 2009
    Posts:
    854
    Thanks, LockBox.

    So, would one expect TrueCrypt to take less time to encrypt a working disk than it would take wiping software to overwrite it? Substantially less?
     
  24. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz
    Okay so if I have a 700 G hard drive, and I create a 650 G TrueCrypt folder and then delete the folder, that space will have been overwritten and nothing that had existed there previously will remain?

    I have read that wipe utilities will not wipe alternate data streams (whatever those are) and, as someone mentioned above, wipe utilities sometimes leave file names, etc. I have also read that DBAN will not overwrite bad sectors. http://blackopsecurity.net/wiki/index.php/DBAN So my question is, is TC the solution to these problems?
     
  25. hierophant

    hierophant Registered Member

    Joined:
    Dec 18, 2009
    Posts:
    854
    I believe that it's just whole-disk encryption that'd be secure. Yes?
     