bananan_w's journal: Skimmed through these rather carelessly

Journal by bananan_w

NSA-compliant

1 Random
2 Random
3 zero

DoD 5220.22-M

Overwrite all addressable locations with a character, its complement, then a random character and verify. THIS METHOD IS NOT APPROVED FOR SANITIZING MEDIA THAT CONTAINS TOP SECRET INFORMATION.

AR380-19

Overwrite all locations three times (first time with a random character, second time with a specified character, third time with the complement of the specified character).

AFSSI 5020

3.3.1. Clearing. Functioning sealed drives and Bernoulli cartridges may be cleared by overwriting all addressable locations with binary zeros (i.e., 0000 0000) then binary ones (i.e., 1111 1111). Then, overwrite all addressable locations with any character (i.e., "a"). Verify the overwrite procedure by randomly re-reading (recommend 10%) the overwritten information to confirm that only the overwrite character can be recovered. This media may also be cleared using a Type I1 degausser.

3.3.2. Sanitizing. Sealed disk drives willshall be sanitized by either overwriting or degaussing. Bernoulli cartridges will be sanitized by degaussing only. Use the following as guidance:

3.3.2.1. Functioning sealed drives may be sanitized by performing three overwrite cycles of all addressable locations. Afterwards, overwrite all addressable locations with any character (i.e., "a"). Verify the overwrite procedure by randomly re-reading (recommend 10%) from the drive to confirm that only the overwrite character can be recovered.

AFI 33-202

It says little more than "comply with AFSSI 5020". I wonder whether versions earlier than 2003/9 defined an erasure method?

NAVSO P-5239-26

(1) The preferred method for disk data storage media that may be purged by overwriting is to:

(a) Write all 1's to every block.

(b) MFM: Write a "1" in low order bit; a "0" in the next most significant bit; and "1"s in the remaining bits comprising the data block. RLL: Write "0010011111..1111" (least significant bit ... most significant bit) for 32 bits and repeat this pattern throughout the data block. Repeat the appropriate pattern for all addressable data blocks.

(c) Write a nonlinear pseudorandom bit sequence to all locations. This sequence is not predictable without knowledge of the generating algorithm. One such sequence is the output of an encrypting algorithm (e.g., Data Encryption Standard). In this application a biased algorithm (i.e., producing more zeros than ones (or vice versa)) is acceptable. The sequence should not repeat at the same offset on any two blocks on the disk drive. A different starting point for the pseudorandom bit sequence should be used for each disk drive.

(d) Verify the overwrite by reading the last data written to the data storage media. You should read nothing but the pseudorandom sequence.

(2) An alternate method when the required data patterns cannot be generated is to use the following simpler but less effective technique:

(a) Write a single character (e.g: hex EB) to all addressable locations.

(b) Write the previous character's complement (i.e., hex 14) to all addressable locations.

(c) Write a random character (e.g., hex 5C) to all addressable locations.

(d) Verify the overwrite by reading the last data written to the data storage media. You should read nothing but the random character.
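
The alternate method (2)(a)-(d) above, run against a file-backed image. This is an added example, not code from the journal or from NAVSO P-5239-26; the function names, the 4096-byte I/O size and the temporary file standing in for a disk are assumptions.

```python
import os
import secrets
import tempfile

BLOCK = 4096  # assumed I/O size for this example

def overwrite_pass(path, byte_value):
    """Write byte_value to every addressable byte of path and force it to storage."""
    chunk = bytes([byte_value]) * BLOCK
    remaining = os.path.getsize(path)
    with open(path, "r+b") as f:
        while remaining > 0:
            n = min(BLOCK, remaining)
            f.write(chunk[:n])
            remaining -= n
        f.flush()
        os.fsync(f.fileno())  # the pass must leave the OS cache before the next one

def verify_pass(path, byte_value):
    """Step (d): read everything back; return the first mismatching offset, or -1."""
    offset = 0
    with open(path, "rb") as f:
        while data := f.read(BLOCK):
            rest = data.lstrip(bytes([byte_value]))  # empty if the block is clean
            if rest:
                return offset + len(data) - len(rest)
            offset += len(data)
    return -1

def purge_alternate(path, first=0xEB, final=None):
    """Passes (a)-(c) followed by verification (d); returns the byte used per pass."""
    if final is None:
        final = secrets.randbelow(256)   # the "random character" of step (c)
    plan = [first, first ^ 0xFF, final]  # character, its complement, random
    for value in plan:
        overwrite_pass(path, value)
    bad = verify_pass(path, final)
    if bad != -1:
        raise OSError(f"verification failed at offset {bad}")
    return plan

def demo():
    """Constructed 10 KiB image of random bytes; not real media."""
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(os.urandom(10 * 1024 + 7))
    try:
        return purge_alternate(f.name, final=0x5C)
    finally:
        os.unlink(f.name)
```

verify_pass reads the whole image back; the AFSSI 5020 text quoted earlier instead recommends randomly re-reading about 10%.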

NCSC-TG-025

Overwriting is a process whereby unclassified data are written to storage locations that previously held sensitive data. To satisfy the DoD clearing requirement, it is sufficient to write any character to all data locations in question. To purge the AIS storage media, the DoD requires overwriting with a pattern, then its complement, and finally with another pattern; e.g., overwrite first with 0011 0101, followed by 1100 1010, then 1001 0111. The number of times an overwrite must be accomplished depends on the storage media, sometimes on its sensitivity, and sometimes on differing DoD component requirements. In any case, a purge is not complete until a final overwrite is made using unclassified data.

Peter Gutmann

1 Random
2 Random
3 Random
4 Random
5 01010101 01010101 01010101 0x55
6 10101010 10101010 10101010 0xAA
7 10010010 01001001 00100100 0x92 0x49 0x24
8 01001001 00100100 10010010 0x49 0x24 0x92
9 00100100 10010010 01001001 0x24 0x92 0x49
10 00000000 00000000 00000000 0x00
11 00010001 00010001 00010001 0x11
12 00100010 00100010 00100010 0x22
13 00110011 00110011 00110011 0x33
14 01000100 01000100 01000100 0x44
15 01010101 01010101 01010101 0x55
16 01100110 01100110 01100110 0x66
17 01110111 01110111 01110111 0x77
18 10001000 10001000 10001000 0x88
19 10011001 10011001 10011001 0x99
20 10101010 10101010 10101010 0xAA
21 10111011 10111011 10111011 0xBB
22 11001100 11001100 11001100 0xCC
23 11011101 11011101 11011101 0xDD
24 11101110 11101110 11101110 0xEE
25 11111111 11111111 11111111 0xFF
26 10010010 01001001 00100100 0x92 0x49 0x24
27 01001001 00100100 10010010 0x49 0x24 0x92
28 00100100 10010010 01001001 0x24 0x92 0x49
29 01101101 10110110 11011011 0x6D 0xB6 0xDB
30 10110110 11011011 01101101 0xB6 0xDB 0x6D
31 11011011 01101101 10110110 0xDB 0x6D 0xB6
32 Random
33 Random
34 Random
35 Random
Overwrite with the data above, in order.
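
The 35-pass table above follows a few rules, and its 3-byte patterns need care when the write buffer size is not a multiple of three. This is an added example, not code from the journal or from Peter Gutmann; the function names are assumptions, and the pass order is the one listed on this page.

```python
def gutmann_schedule():
    """Return 35 entries: None for a random pass, else the repeating byte pattern."""
    def rotations(b):
        # The three byte-rotations of a 3-byte pattern, e.g. 92 49 24 -> 49 24 92.
        return [b[i:] + b[:i] for i in range(3)]

    mfm = rotations(bytes([0x92, 0x49, 0x24]))
    fixed = [bytes([0x55]), bytes([0xAA])] + mfm               # passes 5-9
    fixed += [bytes([v]) for v in range(0x00, 0x100, 0x11)]    # passes 10-25
    fixed += mfm                                               # passes 26-28
    fixed += rotations(bytes([0x6D, 0xB6, 0xDB]))              # passes 29-31
    return [None] * 4 + fixed + [None] * 4                     # 1-4 and 32-35 random


def fill(pattern, offset, length):
    """Bytes for [offset, offset + length) of a medium tiled with pattern from byte 0.

    Restarting a 3-byte pattern at every buffer would break the sequence at
    each 4096-byte boundary, so the phase is derived from the absolute offset.
    """
    phase = offset % len(pattern)
    reps = length // len(pattern) + 2
    return (pattern * reps)[phase:phase + length]


def is_complement(a, b):
    """True if b is the bitwise complement of a, byte for byte."""
    return len(a) == len(b) and all(x ^ y == 0xFF for x, y in zip(a, b))
```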
