search

martijnvanbrummelen / nwipe

nwipe secure disk eraser
GNU General Public License v2.0
785 stars 86 forks source link

How to ensure high PRNG quality? #596

Open Knogle opened 2 months ago

Knogle commented 2 months ago

Ahoy,

I've been thinking about the overall quality of PRNGs (Pseudorandom Number Generators) and their importance. The initial entropy verification process only gives an indication of the quality of the overall data stream, but it doesn't fully guarantee it.

I’m considering adding another wipe option called something like PRNG Stream (Verified) or something similar. There could be use cases where this would be important for NIST SP 800-22 or BSI compliance, especially in scenarios where secure data erasure is critical.

The idea would be to write random data, run the verification pass, and then, as a final step before blanking, run the NIST Suite with a 0.1 ratio on the block device itself. Based on my tests, this would take about 60 seconds for a 16TB drive, but it would provide a high-quality and accredited report for NIST SP 800-22 compliance in data erasure.

I think this approach could be valuable, especially in Germany, where there may be cases that require this level of certified data erasure. What do you think? This could be an interesting option for environments where compliance is a top priority. Similar paid tools like from blancco offer such things.

Looking forward to your feedback!

PartialVolume commented 2 months ago

@knogle

I think it would be a useful addition. I had thought about doing something like that in the past, just for development purposes a means to verify the quality of the prng would make it very useful for me personally.

If DBAN had something like that, then maybe they wouldn't have realised a broken prng. For those that don't know, the last DBAN release in 2015 has a bug where if you set a certain prng via a command line option it will say it's writing a prng but in fact is writing un-initialised memory to the disc!

So I'm all for this feature.

Knogle commented 1 month ago

Sounds great! I will look for a way to implement it.

Some question we have to discuss maybe.

PartialVolume commented 1 month ago
  • Where do we want to implement it? In method.c (As part of a new wiping "method" like Advanced PRNG or something similar. or in pass.c, as an additional verification method in addition to random_verifiy.

Initially I thought an additional verification method in pass.c. then thought maybe as a method as you could then run on a disc that has already been prng wiped. Maybe both! However for simplicity, to start with just create as a method and then once it's working nicely we will look at having a switch in the command line options and GUI to enable PRNG entropy analysis if final pass is PRNG. However, like I said it's probably best to keep it to a method to start with. Please create a new feature branch rather than add it to any existing PRs.

  • Another one, do we want to check each block for entropy, or the overall quality of the block device. There are different methods on achieve the 2nd approach.

I would have thought the overall quality of the block device. I'm assuming in both cases you do read every block, however, the analysis is running incrementally block by block for the overall analysis, as opposed to restarting the analysis from scratch for every block.

TheSurfMachine commented 2 weeks ago

@Knogle Can I ask is the PRNG Stream the latest updated and modern way of erasing?

I've not read the latest NIST info, but know it was quite stale with aged info for a long time.

In the recent past I have usually used DoD Short 3 pass with 100% verify. I try to use just one best over-all "Method" for all my wiping/erasing tasks. The DoD Short is just been a good mix between a good wipe option and time to execute and complete.

I'd like to have Nwipe "Default" to that method, or PRNG Stream/Verified of Nwipe first execution. I'm not sure if that is possible, as I am not sure if @martijnvanbrummelen is selecting the most common method for EU and not USA or how the default method is decided.

For myself, I just want the best "Umbrella Wipe Option" which would take into three main factors: 1) NIST listed compliance or suggested method 2) 100% Verify of Wipe/Erase 3) Best or accepted method for USA Hippa compliance

The most stringent companies I have worked for are oil & gas and pharmacuetical companies and they usually required the above listed criteria.

The "Certificate" with the Bar Code is the most critical for me though as often it is needed for Risk Assessments, Audits, HIPPA Compliance, and the companies often have them stored in a Repository. The autonaming of the PDF has already been implemented for a while now and it critical also as it allows for searching the certificate repository by serial number of device, which is a nightmare if serial is not in part of certificate name.

Personally, I think it is all overkill, but possibly a neccessary evil. I mean, we get the PC's, format the hdd's, image them, encrypt them, reimage device and reassign to a new user if required here the hdd gets re-encrypted, then if they get turned in for EOL/Recycle we wipe them yet again. About 97% of the systems are used by unimportant roles which have undesireable data. I'm not an expert, and am just trying to find a good program to wipe hdd/ss/nvme in the most automated fashion, in the least amount of time, with the most optimal method to conform to as many possible entities as possible.

All that, to say this: The most optimal method, most modern and conformaing to as many entities as possible is preferred at the default/quick start settings. (Not complaining, but it is a hassle to manually go through and set the settings for each device.) Your PRNG Stream (Verified) idea sounds very appealing, especially for ORGS who have high standards, compliance needs, etc...