Built-in wiping schemes

BCWipe employs a variety of internationally recognized data sanitization standards called wiping schemes. Most of these schemes are currently standard procedure for erasing and sanitizing sensitive information in governmental and military organizations around the globe.

You can choose any of the listed schemes in BCWipe Wiping Preferences. Additionally, BCWipe provides a way to create your own wiping schemes. Refer to our custom scheme format description for more information.

Wiping standards available with BCWipe

1-pass zero

The fastest shredding algorithm. Your data is simply overwritten with zeroes.

1-pass random

Exactly the same as 1-pass zero, except that your data is overwritten with a randomly generated stream of bytes. The additional computation needed to generate randomness makes this scheme a little slower than 1-pass zero.

U.S. Department of Energy M205.1-2 Standard

This standard was developed by the U.S. Department of Energy to define and provide procedures for clearing, sanitization and destruction activities to ensure confidentiality appropriate to the processing of storage media, memory devices, and related hardware.

Standard uses three wiping passes:

Germany BSI Verschlusssachen-IT-Richtlinien (VSITR) Standard

The German Federal Office for IT Security released the VSITR standard, which wipes the drive with seven passes. For the first six passes, each wipe reverses the bit pattern of the previous wipe.

Flipping the bits in this way is designed to destabilize the remnants of data that may exist on the edges of the track of the disk to which the data is written. The final pass amplifies this effect, overwriting the entire disk with "01010101". This is widely considered to be a secure method of erasing data.

U.S. DoD 5220.22-M (E)

This standard was developed by the Defense Security Service (DSS) to solve the problem of permanent removal of data. It is also used by many commercial enterprises. Under the National Industrial Security Program (NISP), representatives of the Industrial Security presented their security programs. As part of the NISP, the DSS developed the DoD 5220.22-M standard (National Industrial Security Program Operating Manual, NISPOM), which is used in almost every software deletion tool.

This wipe algorithm uses three write runs:

The regulations of the US Department of Defense expressly state that this method is not approved for the deletion of information on media with the military classification "Secret" or "Top Secret". For lower classifications, this method is sufficient.

U.S. DoD 5220.22-M (ECE)

This method is an extended variant of DoD 5220.22-M. It uses seven runs to overwrite the data: the data is overwritten two times using the DoD 5220.22-M (E) standard and one time with a random value, DoD 5220.22-M (C).

The sequence of the runs is as follows:

Bruce Schneier's Algorithm

Internationally-renowned security technologist and author Bruce Schneier recommends wiping a drive seven times. The first pass overwrites the drive with the bit pattern "00", the second with "11", and the next five with a randomly generated bit pattern.

This has a similar effect to the VSITR standard, but the random nature of the bit patterns written in the final five passes makes it very difficult for an attacker to determine how the overwriting may have affected remnants of data around the edges of the track on the disk, or at bit transitions on the disk.

Although probably a more secure method of erasing data than VSITR, the time required to create random bit patterns makes this a significantly slower method.
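The pass sequences described above for 1-pass zero, 1-pass random, VSITR and Bruce Schneier's algorithm, written out as an added Python example (this is not BCWipe's code and not its custom scheme format). The `SCHEMES` table, the `wipe_file` function and the choice of 0x00 as the first VSITR pattern are assumptions made for illustration.

```python
import os

# Pass schedules as described on this page. A bytes value is a fixed fill
# byte; None means a fresh random stream for that pass.
SCHEMES = {
    "1-pass zero": [b"\x00"],
    "1-pass random": [None],
    # VSITR: six passes, each the bitwise inverse of the previous one,
    # then a final pass of 01010101 (0x55).
    # Assumption: the alternation starts with 0x00 (the page does not say).
    "VSITR": [b"\x00", b"\xff"] * 3 + [b"\x55"],
    # Schneier: "00", "11", then five random passes.
    # Assumption: "00"/"11" are read as all-zero and all-one bits.
    "Schneier": [b"\x00", b"\xff"] + [None] * 5,
}

CHUNK = 1 << 20  # write in 1 MiB pieces so large files are not held in memory


def wipe_file(path, scheme, verify=True):
    """Overwrite `path` in place with every pass of `scheme`.

    Returns the number of passes written. Fixed-pattern passes are read
    back and compared when verify=True; random passes have no known
    expected value, so they are only flushed to the device.
    """
    passes = SCHEMES[scheme]
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for fill in passes:
            f.seek(0)
            left = size
            while left:
                n = min(CHUNK, left)
                f.write(os.urandom(n) if fill is None else fill * n)
                left -= n
            f.flush()
            os.fsync(f.fileno())  # push this pass out before starting the next
            if verify and fill is not None:
                f.seek(0)
                left = size
                while left:
                    n = min(CHUNK, left)
                    if f.read(n) != fill * n:
                        raise IOError(f"verify failed on pattern {fill.hex()}")
                    left -= n
    return len(passes)
```

A file-level overwrite like this reaches the original sectors only when the filesystem and the device write in place.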

Peter Gutmann's Algorithm

Peter Gutmann is an Honorary Researcher at the Department of Computer Science, University of Auckland, specializing in the design and analysis of cryptographic security architectures. His research into secure deletion of data from magnetic media (such as hard disk drives) is the definitive work on the subject.

The CBL Data Shredder program implements the method he devised based on his findings, erasing data with several series of passes to minimize data remanence on drives using any current techniques of encoding data on the disk.

His algorithm makes 35 overwrite passes in total, and is considered the state-of-the-art method for data destruction. The cost of this security, of course, is time; wiping a drive using Peter Gutmann's algorithm will take more than 7 times longer than wiping the same drive with Bruce Schneier's algorithm, and will likely be more than 15 times longer than using the US Department of Defense's standard.

See also:

Wiping Preferences
Appendix B: Custom scheme format