Video Screencast Help

PGP Shredder algorithm.

Created: 14 Jan 2013 • Updated: 14 Jan 2013 | 8 comments

Hi, folks.

Previously I have been told to look at PGP Shredder as a potential piece of software which is capable of secure data deletion. By “secure data deletion” I mean functionality which is responsible for secure destruction of data on an entire hard disk drive, individual partitions, individual files, etc. We all know that via utilizing specialized equipment, it is possible to recover even repeatedly overwritten information. I’m willing to avoid such a situation, especially with confidential data.

Based on what I’ve read in the corresponding User Guide, PGP is likely to answer my requirements. Nevertheless, I’m eager to understand in details how this software works? I’m willing to find as much as possible about used algorithm since it’s the case of the confidential data.

In the existent UG there is nothing but the following statement:

The PGP Shredder feature works by overwriting your data with random text. It repeats this multiple times, or passes.

Can somebody provide link to the document with full description of the process or give specific explanation regarding it?

Thanks in advance.

Kind regards,
Alexei.

Discussion Filed Under:

Comments 8 CommentsJump to latest comment

dfinkelstein's picture

It's slightly older source, but the shred functionality herein still applies to the latest releases.  Look at

https://www-secure.symantec.com/connect/downloads/...

You have to read and agree to the associated license, but I believe it applies in your case:

 

1.             SOFTWARE PROGRAMS & PURPOSE

You may download the software files made available with this license (“Software”) for the sole and limited purpose of assessing the security features of the Software and verifying that there are no unknown vulnerabilities or bugs in the Software  (“Purpose”).

In particular, you may want to look at pgpWipePattern.c

Another thing to consider is to use Whole Disk Encryption to encrypt the drive, and then throw the passphrase away.  This is similar to the "I've lost my laptop full of confidential information" use case, which is the primary sales driver for WDE.

Regards,

 

--------

David Finkelstein

Symantec R&D

Mr.Proper's picture

Thanks for your answer.

I wish I were more skillful at code understanding. Truth be told, I’m not.

So, may some less arrogant person than me shed a light on this question? At least, what method is being used for wiping data? I know at minimum 7 of them:

  • United States Department of Defense 5220.22-M
  • United States: NAVSO P-5239-26 (RLL)
  • United States: NAVSO P-5239-26 (MFM)
  • German: VSITR
  • Russian: GOST P50739-95
  • Peter Gutmann’s Method
  • Bruce Schneier’s Method
  • Logical zeros (0x00 numbers) to all sectors to wipe.

In addition, does wiping data process triggered by PGP Disk Shredder run with the respect to a user application to applications? I’ve meant the case of file access requests made by user applications to the locations that are to be cleaned up?  
 

Thanks in advance.
 

Kind regards,
Alexei.

Tom Mc's picture

In addition, does wiping data process triggered by PGP Disk Shredder run with the respect to a user application to applications? I’ve meant the case of file access requests made by user applications to the locations that are to be cleaned up?

I'm not sure of the question, but believe that when you paste a file into PGP Shredder, that it only wipes that file, rather than including any temp files that may be associated with it.

You might be interested in the PGP Options, disk tab option of Shred When Emptying The Windows Recycle Bin (I just set my encrypted disk to use one pass).  When any file is deleted by Windows, including system and application temp files, they are wiped.  This includes any files purged from the Recycle Bin, and any files you delete with Shift-Del to bypass the Recycle Bin.

 

 

 

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Mr.Proper's picture

Sorry for the typo, it obviously should be read like this “In addition, does wiping data process triggered by PGP Disk Shredder run with the respect to a user applications?”.

In other words, what if during Shredding process an application will make an attempt to write data to one of the locations that are to be deleted.

Hope this time I sound more clearly.

Kind regards,
Alexei.

Tom Mc's picture

In other words, what if during Shredding process an application will make an attempt to write data to one of the locations that are to be deleted.

I'm still not sure what you are looking for.  Perhaps what if an application attempts to write to the disk sectors currently be overwritten by Shredder?  I don't see this happening since Windows will have those sectors marked as in use until the overwriting and deletion occurs.

 

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

dfinkelstein's picture

From the PGP Desktop User's Guide:

 

Note: When set for three passes, PGP Shredder exceeds the media sanitization requirements specified in the Department of Defense 5220.22-M standard. While more passes are allowed, modern disk hardware does not require more than two passes. Security continues to increase up to approximately 28 passes. The PGP Shredder feature is capable of up to 49 passes, but remember that more passes means more time needed for secure deletion. 

--------

David Finkelstein

Symantec R&D

Mr.Proper's picture

Thanks both of you for clarifications.

If any other questions arose, I’d know where I’d be able to get them solved.

Kind regards,
Alexei.

Tom Mc's picture

If you consider this sufficiently addressed, please use the Mark As Solution option on the most helpful response.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &