DoD 522.22-M & ECE wipes vs NIST 800-88 clear & purge.

[pogue]

The US government has stopped using the DoD 5220.22-M & ECE wipes and are now using a standard from NIST called NIST 800-88 Clear and NIST 800-88 Purge.

NIST Special Publication 800-88 Revision 1 Guidelines for Media Sanitization: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf (PDF)

This document covers both the 800-88 Clear and 800-88 Purge.

From Wikipedia:

Quote

With the increasingly connected world, it has become even more critical that governments, companies, and individuals follow specific data sanitization protocols to ensure that the confidentiality of information is sustained throughout its lifecycle.  This step is critical to the core Information Security triad of Confidentiality, Integrity, and Availability.  This CIA Triad is especially relevant to those who operate as government contractors or handle other sensitive private information.  To this end, government contractors must follow specific data sanitization policies and use these policies to enforce the National Institute of Standards and Technology recommended guidelines for Media Sanitization covered in NIST Special Publication 800-88.^[3] This is especially prevalent for any government work which requires CUI (Controlled Unclassified Information) or above and is required by DFARS Clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting ^[4]While private industry may not be required to follow NIST 800-88 standards for data sanitization, it is typically considered to be a best practice across industries with sensitive data. To further compound the issue, the ongoing shortage of cyber specialists and confusion on proper cyber hygiene has created a skill and funding gap for many government contractors.

Source

Quote

How do NIST Clear and Purge methods erase ATA hard disk drives and SSDs?

NIST Clear and Purge are the preferred methods for sanitizing media (wherever feasible & sufficient). That's because both Clear and Purge methods rely on logical techniques – overwrite, block erase, and cryptographic erase – to sanitize the media. So, there's no e-waste generation and also the storage media can be reused.

The following section outlines the specific techniques within NIST Data Erasure Standard:

1 - NIST Clear techniques for erasing hard disk drives and SSDs:

The NIST Clear method uses standard read/write commands, techniques and tools to overwrite all the user-addressable locations including logical file storage locations on an ATA hard drive or SSD with non-sensitive data (binary 1s and 0s).

The Clear pattern for media overwriting should include at least a single write pass with a fixed data value such as all zeros. Multiple write passes or values that are more complex may optionally be used.

Note: Overwriting on SSDs (flash storage) may reduce the effective lifetime of the media. Also, it may not sanitize the data in unmapped physical media.

2 - NIST Purge techniques for erasing hard disk drives and SSDs:

The NIST Purge method involves Overwrite, Block Erase, and Cryptographic Erase as the logical techniques for sanitizing ATA hard disk drives and SSDs.

The Purge method uses the overwrite EXT command to overwrite – i.e. apply a single write pass of a fixed pattern (all 0s or a pseudorandom pattern) – on ATA hard disk drives. Optionally, it may apply three total write passes of a pseudorandom pattern so that the second write pass is the inverted version of the original pattern.

Block Erase is the secondary erasure method for SSDs, which "electrically" erases each block by using internal SSD functions. After successful implementation of the block erase command, the method applies binary 1s across all the user-addressable locations on the storage media and then repeats Block Erase.

NIST Purge also specifies use of Cryptographic Erase command to sanitize ATA hard drives and SSDs that support encryption. Cryptographic Erase can be optionally accompanied with single-pass Overwrite, Secure Erase or Clear techniques, based on the media support.

Key Considerations for NIST Clear and Purge Methods

Verify the sanitization technique:
It is important to verify the efficacy of Clear and Purge techniques. For instance, for the 3 pass ATA sanitize overwrite procedure with invert pattern, the verification process would simply look for the original pattern.

Reset the storage device's configuration capabilities:
Storage device configuration such as Host Protected Area (HPA), Device Configuration Overlay (DCO), or Accessible Max Address may hinder the ability to access the entire addressable area of the storage media. Therefore, these should be reset before implementing the sanitization technique.

Verify the Cryptographic Erase command individually:
Verify and ascertain successful completion of Cryptographic Erase before implementing additional sanitization techniques such as Clear or Purge. This is because not all implementations of media encryption are suitable for Cryptographic Erase as a Purge mechanism.

Evaluate media-specific use of ATA Secure Erase:
ATA Secure Erase serves only as a 'Clear' mechanism for flash memory, so there is a possibility that sensitive data may remain in areas such as spare cells that have been rotated out of use. So, use the SECURITY ERASE UNIT command only after ascertaining its efficacy, based on the type of media.

Source

[pogue]

You can delete this thread. NIST 800-88 Clear and NIST 800-88 Purge are not wiping schemes. I made a mistake and was unclear what I was reading from advertising and directly from NIST.

[nukecad]

It's useful information anyway, so I'll just edit it a little and move it to the Windows Security forum.