23

I am searching for a software that would encrypt data and then delete it (as opposed to just deleting or wiping).

With that, even if the file is recovered, you still have to break the encryption to get the data.

I suppose manually I could encrypt the files through GPG and then delete them but I was wondering if there a more automated option through specialized software.

Jeff Ferland
  • 38,090
  • 9
  • 93
  • 171
Rayesh
  • 255
  • 2
  • 3
  • 21
    Why not just overwrite the file with random data, e.g., using `shred`? What do you hope to gain by encrypting the file? The only benefit I can see is that if you change your mind and decide to recover the file, it's possible as long as you have the encryption key (but you didn't specify this in your question, so I can't be sure that you want this capability). – apsillers Sep 17 '12 at 13:49
  • 6
    Even if you do this, the previous copy would not be encrypted and in theory could be recovered. A HDD will often move a file, or it will be in separate sectors if it's fragmented. If you want to do this right, start with the file being encrypted; never have a file that isn't encrypted. – Ramhound Sep 17 '12 at 14:00
  • 2
    The crux of the issue is it should be encrypted before it gets deleted. "Way before" as in at moment of first opportunity and well before it gets stored to disk. – bmike Sep 17 '12 at 17:04
  • Well, what you're saying is that it should be encrypted before (or as) it is saved in the first place. – Craig Tullis Nov 03 '20 at 05:25

9 Answers

74

I understand why you are asking and you are kinda on the right track. You think that if you encrypt the data before shredding it that if someone was able to reconstruct the data all they would get is encrypted data. It's a good thought, however when you encrypt a file it makes an encrypted copy of the file on another part of the file system. The original still has to be shredded anyway, either manually or automatically by the utility. So by encrypting it then shredding the encrypted file you're actually leaving 2 copies of the file rather than one, causing a net decrease in security.

GdD
  • 17,291
  • 2
  • 41
  • 63
40

I am sorry, but this approach does not work because the encrypted files are likely stored at another location on your hard drive.

For the same reason shred does not work reliably anymore either. The decision where to store data on a hard drive is made by the controller on the device. The operating system may give a hint, but the controller will find a suitable location.

On solid state disks the number of writes to each location is limited, so the controllers are very sophisticated and spread writes around. But even on old style disks the controllers try to avoid possible bad sectors.

Possible Solutions

  • Use full disc encryption. This way plain information is never written to the medium.
  • If that is too late, wipe the complete disk.
  • And of course there is the low tech solution: physically destroy the medium.
Hendrik Brummermann
  • 27,118
  • 6
  • 79
  • 121
  • 1
    Along the "wipe the complete disk" track - Darik's Boot And Nuke (dban.org) is a good tool for this task, at least for non-SSD drives (I haven't looked into it for SSDs), as part of its erasure is various methods of writing over the sectors on the drive. – Shauna Sep 17 '12 at 14:37
  • There are tools (like [eraser](http://eraser.heidi.ie/)), that can wipe all unused disk space (fill it up until it's full), this could be an alternative to wipe the whole disk. – martinstoeckli Sep 17 '12 at 19:03
  • Full disk encryption FTW. All of the OP's troubles would be negated by this fact. That is, assuming that encryption will not be compromised. – NickSuperb Sep 19 '12 at 06:25
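GdD's and Hendrik Brummermann's answers above rest on the same point: the encrypted copy lands in fresh blocks, and a delete only frees the original ones. The following is an added toy model (not code from any poster) that makes this visible; the block device, its first-fit allocator and the XOR stand-in for GPG are all constructed assumptions.

```python
BLOCK = 16  # constructed block size, in bytes

class ToyDisk:
    """Flat block array plus a free list; delete only returns blocks to it."""

    def __init__(self, nblocks):
        self.blocks = [bytes(BLOCK)] * nblocks
        self.free = list(range(nblocks))   # first-fit allocator (constructed)
        self.files = {}                    # name -> list of block ids

    def write(self, name, data):
        chunks = [data[i:i + BLOCK].ljust(BLOCK, b"\0")
                  for i in range(0, len(data), BLOCK)]
        ids = [self.free.pop(0) for _ in chunks]   # fresh blocks, not in place
        for bid, chunk in zip(ids, chunks):
            self.blocks[bid] = chunk
        self.files[name] = ids

    def delete(self, name):
        self.free.extend(self.files.pop(name))   # plain unlink: bytes untouched

    def overwrite_in_place(self, name, byte):
        for bid in self.files[name]:             # what shred does before unlink
            self.blocks[bid] = bytes([byte]) * BLOCK

    def recoverable(self, needle):
        """A recovery tool reads the raw image, allocated blocks or not."""
        return needle in b"".join(self.blocks)

def toy_encrypt(data, key):
    # Stand-in for GPG: XOR with a repeating key, enough to hide the plaintext.
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

SECRET = b"constructed secret: account 1234"   # sample plaintext, 32 bytes

def encrypt_then_delete():
    """The asker's plan: gpg the file to a new name, then delete the original."""
    d = ToyDisk(8)
    d.write("notes.txt", SECRET)
    d.write("notes.txt.gpg", toy_encrypt(SECRET, b"k3y"))
    d.delete("notes.txt")
    return d.recoverable(b"account 1234")    # True: freed blocks still hold it

def overwrite_then_delete():
    """In-place overwrite first, then delete: the plaintext blocks are gone."""
    d = ToyDisk(8)
    d.write("notes.txt", SECRET)
    d.overwrite_in_place("notes.txt", 0x00)
    d.delete("notes.txt")
    return d.recoverable(b"account 1234")    # False
```

A raw scan of the toy image still finds the plaintext after encrypt-then-delete, which is exactly the "two copies" outcome the answers describe.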
15

Your concept is a good one, but there's actually a more efficient method called file shredding. Instead of just marking the sectors as free, shredders first overwrite those sectors with data. This data may be a sequence of zeros, or random values. The goal is to prevent recovery by making the data on the disk unreadable.

On Linux, you can use shred:

shred -u <file_name>

By default, this overwrites the sectors 3 times. You can alter this count using the -n switch:

shred -n <count> -u <file_name>

However, even a single pass will do the job for software-based recovery.

If you're worried about attackers with a lot of patience and a lot of money, you might want to take a look at data recovery techniques that can retrieve data even after it's been overwritten on the disk. More complex analysis, such as magnetic force microscopy, might be able to recover data that has since been overwritten. However, a large number of experts (including the NSA) consider this to be near impossible with modern drives.

Despite this, there are standards that attempt to make analysis of the disk surface more difficult. These aim to apply certain bit patterns such that any latent information is degraded beyond recovery. These patterns are designed based on the physical construction of magnetic disks. For example, the pattern "0xF6, 0x00, 0xFF, random, 0x00, 0xFF, random" (i.e. one whole pass of each) is designed to eliminate data traces from standard magnetic platters. Alternative methods use different types of patterns for different devices, with some using dozens of passes. However, this is mainly thought to be unnecessary, even for classified data.

Further reading:

Polynomial
  • 132,208
  • 43
  • 298
  • 379
  • 4
    I always wondered: **if** you really need this kind of certainty, isn't it many times easier/cheaper/safer to just physically obliterate the disk? Physically shred it to near-dust and then melt it down. The price of the disk surely can't be an issue at this level. – Joachim Sauer Sep 17 '12 at 10:32
  • 2
    @JoachimSauer It's only recently (in the last 5-10 years or so) become cheap enough to do that. Magnetic degaussing isn't flawless or cheap, and physical disk shredders are very expensive to buy and run too. But you're right, the current "optimal" method is indeed to buy a new disk and destroy the old one. – Polynomial Sep 17 '12 at 10:45
  • @Polynomial So... it's possible to recover data from a disk you've taken a hammer to, and smashed into pieces? 'Cause that's gotta be the cheapest and easiest of all.. – Izkata Sep 17 '12 at 13:54
  • His concept is actually horrible. The only real solution to data security is encryption. This not only prevents all known ways to recover a file, since all you would be able to recover is random data, and there is no guarantee what is recovered is correct. Of course the ultimate solution is to destroy the media itself, but that is sort of throwing the baby out with the bath water; there is no reason storage media cannot be used again. – Ramhound Sep 17 '12 at 14:04
  • @Ramhound it is not always possible or desired to encrypt data at runtime. Not only does it give a performance penalty, but sometimes you just have to deal with legacy or customer data which just isn't encrypted. Shredding the data is a standard way of dealing with this. In fact, if you follow the links in this answer you'll see that there are even accepted standards for doing so. – Stefan Seidel Sep 17 '12 at 16:07
  • 3
    @Izkata: hammering, electromagnetic damage, and fire aren't a reliable way to destroy data; with appropriate tools and skills it is still possible to recover a fairly large amount of data from the remnants. You need to either melt or chop the disk into dust if you really want to make sure no one can recover anything. – Lie Ryan Sep 17 '12 at 18:12
  • 1
    @LieRyan I'm a little skeptical that hammering a disk (the actual platters) into pieces and then burning it isn't good enough. Recovering data under those circumstances would be impossible, or at least as improbable as brute-forcing a strong encryption algorithm in a short period of time. Unless you can provide examples where someone has actually done this successfully. – Phil Sep 17 '12 at 20:44
  • @Phil: well, as long as your harddisk doesn't contain, up say, Al Qaida's next plan for global nuclear warfare, perhaps nobody would spend the time and effort to recover from shattered disk parts, so yeah, you're right it's for all practical purpose unrecoverable. But it's doable, and since the cost to mitigate that sort of risk is small enough, so why not do it? – Lie Ryan Sep 18 '12 at 04:30
  • 1
    Agreed. Unless you're literally planning the next 9/11, nobody is going to spend the time or money analysing your old disks. Take a hammer to it until you hear the platters smash. If you're super-paranoid, do a single-pass wipe of random data over the disk beforehand. – Polynomial Sep 18 '12 at 05:52
  • But let me look at it another way: when I last visited a major vendor talk, I saw 3 or 4 demonstrations of hard drive destruction equipment. The only one that was certified for use in destroying government documents marked as "secret" took a hard drive and turned it into 1cm³ blocks, then put those blocks through a degausser. Note that this was only done *after* the agency in question had done a software-level wipe of the disk. If you're really worried about the NSA or GCHQ, then you're going to need some **very** expensive equipment. – Polynomial Sep 18 '12 at 05:56
  • @LieRyan MFM isn't actually that useful against modern disks. If you smash the platters, you can still read it, but a multi-pass software-level wipe of the data (e.g. 0x00, 0xFF, random) really will make it nearly impossible to read the data. A combination of that and physical damage should do the job for anything but military purposes. – Polynomial Sep 18 '12 at 06:02
  • @Polynomial - If a non-SSD drive has been encrypted and if the partitions are deleted thereafter followed by formatting the drive e.g. mkfs.vfat, will that ensure data is not recoverable? – Motivated Jan 11 '19 at 06:08
  • 1
    @Motivated As soon as you wipe the disk the master key header is wiped so it can no longer ever be recovered. – Polynomial Jan 11 '19 at 14:51
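The overwrite passes Polynomial's answer describes (shred's in-place overwrite, and the 0xF6, 0x00, 0xFF, random, 0x00, 0xFF, random sequence for magnetic platters) as an added Python example; this is not code from the answer or from GNU shred, and the temp file and its sample content are constructed.

```python
import os
import secrets
import tempfile

# Pass sequence quoted in the answer above (one whole pass each); None = random.
PLATTER_PATTERN = [0xF6, 0x00, 0xFF, None, 0x00, 0xFF, None]

def overwrite_passes(path, passes=PLATTER_PATTERN, chunk=1 << 20):
    """Overwrite every byte of `path` in place once per entry in `passes`.

    r+b plus writing from offset 0 reuses the file's existing blocks on a
    plain filesystem; fsync after each pass pushes the data out of the cache.
    Returns the number of passes written.
    """
    size = os.path.getsize(path)
    with open(path, "r+b") as fh:
        for value in passes:
            fh.seek(0)
            remaining = size
            while remaining > 0:
                n = min(chunk, remaining)
                fh.write(secrets.token_bytes(n) if value is None else bytes([value]) * n)
                remaining -= n
            fh.flush()
            os.fsync(fh.fileno())
    return len(passes)

def shred_file(path, passes=PLATTER_PATTERN):
    """shred -u equivalent: overwrite, truncate to hide the size, then unlink."""
    written = overwrite_passes(path, passes)
    with open(path, "r+b") as fh:
        fh.truncate(0)
        os.fsync(fh.fileno())
    os.remove(path)
    return written

def demo():
    """Self-check on a constructed temp file; returns what was verified."""
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "wb") as fh:
        fh.write(b"constructed secret: account 1234" * 64)   # 2 KiB sample
    size = os.path.getsize(path)
    n = overwrite_passes(path, [0xFF, 0x00])                  # ends on a zero pass
    with open(path, "rb") as fh:
        zeroed = fh.read() == bytes(size)
    total = shred_file(path)
    return {"passes": n, "zeroed": zeroed, "total": total, "gone": not os.path.exists(path)}
```

As Hendrik Brummermann's answer notes, on SSDs and on journaling or copy-on-write filesystems these writes may not land on the original sectors, so this gives no more assurance there than shred itself does.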
4

In a Linux shell this would look like:

shred -u your_file.xxx
Lachezar Balev
  • 537
  • 1
  • 3
  • 10
  • 1
    TIL there’s a loaded, unsecured shotgun in the trunk of every Linux. – Konrad Rudolph Sep 17 '12 at 12:32
  • 2
    @KonradRudolph, it's been there forever. It's called dd. – gowenfawr Sep 17 '12 at 14:05
  • @gowenfawr True, hadn’t thought of that even though I’ve used `dd` previously to shred files. :) – Konrad Rudolph Sep 17 '12 at 14:08
  • 4
    Then there was a time I needed to format a floppy disk and my Sparc IPX didn't have a 3.5" drive, but my officemate's did... since she was in a meeting I just popped it in and ssh'ed over to run 'fdformat /dev/sda'. After it had run for a minute without completion, I realized that I typed sda (SCSI disk) instead of fda (Floppy disk) by mistake... I had friends guard the door while I reinstalled SunOS on her system. – gowenfawr Sep 17 '12 at 14:39
3

Yes, you can use a file shredder rather than encrypting it. That's a better solution.

Lucas Kauffman
  • 54,169
  • 17
  • 112
  • 196
3

As many before me have stated, I think you need to re-think your solution. However, I could recommend encrypting it with TrueCrypt; when doing so, you can choose to do a wipe of the existing memory.

This will leave you with an encrypted hard drive, and no possibility of forensic methods recovering your old data. ALSO all your future data will be safe since it will be encrypted.

  1. Go to http://www.truecrypt.org/.
  2. Download their software, run it on your computer.
  3. Create a new encrypted space encompassing all of your hard drive; do not forget to choose to wipe existing data.

Good luck.

/Edit.

Of course the security of future data resides in your choice of cipher, password etc.

If you choose to Wipe with for example Gutmann 35 passes, it could take a long time.

Gman
  • 31
  • 1
1

Zeroization (overwriting with zeros) is the standard preferred option for this.

Encryption is generally seen as something that can be decrypted eventually. You're correct that the residual data will still be on most operating systems after a delete operation is performed - for ease of use, most OSes will simply delete the reference to the file, leaving the data intact if one is smart enough to know how to recover it.

Since after a deletion it shouldn't matter whether or not the data is recoverable, the standard process is to overwrite the memory with all 0's, eliminating the data entirely. That saves the CPU effort of encrypting the data, and eliminates the possibility that the attacker could find, or brute force, the encryption key.

bethlakshmi
  • 11,606
  • 1
  • 27
  • 58
  • 1
    Simple zeroization is not sufficient if you really need to secure your data; through analysing the remnant magnetic pattern in the disks, it is possible to recover the data from before the disk was zeroed. This process is expensive and complicated though, so for many people simple zeroization might suffice. However, if you really need to secure your data without destroying the media, you need a shredder program that will overwrite the disk with a set of patterns designed to destroy these remnant patterns. – Lie Ryan Sep 17 '12 at 18:30
  • Fair enough, but I'd say that if your other thought was encryption for the purpose of deletion protection, zeroization will still up your game for pretty cheap. – bethlakshmi Sep 18 '12 at 12:49
1

File Murder seems to do what you are asking. Though I am not sure how well, since I have never used it myself and it may not support newer versions of Windows very well. You can find it here. I would also suggest that you search out information on the CMRR SAFE method of reliably erasing hard disk drives and solid state media. Good Luck.

Jeff Gibbs
  • 11
  • 1
-1

Here's a thought. It's not exactly what you are intending but more of an alternative solution to the problem. In Windows Command Prompt (and I'm sure there's something similar for Unix-like systems), the command cipher deals with disk encryption and wiping. As displayed in your question, you seem to understand that when data is "deleted" for efficiency purposes that area isn't legitimately destroyed and is just marked off as a free sector that can be written over in the future; meaning it can still be recovered. The syntax would be cipher /w:<your drive>. I believe what it does is write over the sectors with random numbers, and the speed of the command depends on your drive speed of course. Here are the catches:

  • (I don't think) There is an option to only use it on a specified folder, it must be used on the entire drive.
  • Given the first catch this can take quite some time, which is not very good considering it seems your data is very sensitive and must be obfuscated as soon as possible

And then there's one pro unique to this:

  • Since it uses RNG and no cryptographic protocols, it's not like there's a key that could be discovered, algorithm to be cracked, vulnerability to be used etc.

  • Instead of guessing, it is easy to look up: https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/cipher – schroeder Nov 02 '20 at 23:22