From 97154aaf51efe787dd1678c8e1baeeb65ce46fe1 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Sat, 26 Jul 2014 17:46:17 +0200 Subject: Lower number of times we overwrite volume header during the encryption of a partition if the user choose to wipe the driver. Latest studies show that even one pass is enough to make data irretrievable. A value of 3 is a conservative approach that enhance performance without scarifying security. http://www.infosecisland.com/blogview/16130-The-Urban-Legend-of-Multipass-Hard-Disk-Overwrite.html http://digital-forensics.sans.org/blog/2009/01/15/overwriting-hard-drive-data/ --- src/Common/Crypto.h | 3 +++ src/Format/InPlace.c | 8 ++++---- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h index e66ac18c..ac925094 100644 --- a/src/Common/Crypto.h +++ b/src/Common/Crypto.h @@ -159,6 +159,9 @@ typedef struct # define PRAND_DISK_WIPE_PASSES 256 #endif +/* specific value for volume header wipe used only when drive is fully wiped. */ +#define PRAND_HEADER_WIPE_PASSES 3 + #if !defined (TC_WINDOWS_BOOT) || defined (TC_WINDOWS_BOOT_AES) # include "Aes.h" #else diff --git a/src/Format/InPlace.c b/src/Format/InPlace.c index 228e2e5f..b1bfac98 100644 --- a/src/Format/InPlace.c +++ b/src/Format/InPlace.c @@ -501,7 +501,7 @@ int EncryptPartitionInPlaceBegin (volatile FORMAT_VOL_PARAMETERS *volParams, vol area is occuppied by data until the very end of the process). */ // Prepare the backup header - for (int wipePass = 0; wipePass < (wipeAlgorithm == TC_WIPE_NONE ? 1 : PRAND_DISK_WIPE_PASSES); wipePass++) + for (int wipePass = 0; wipePass < (wipeAlgorithm == TC_WIPE_NONE ? 1 : PRAND_HEADER_WIPE_PASSES); wipePass++) { nStatus = CreateVolumeHeaderInMemory (FALSE, header, @@ -518,7 +518,7 @@ int EncryptPartitionInPlaceBegin (volatile FORMAT_VOL_PARAMETERS *volParams, vol 0, volParams->headerFlags | TC_HEADER_FLAG_NONSYS_INPLACE_ENC, volParams->sectorSize, - wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_DISK_WIPE_PASSES - 1)); + wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_HEADER_WIPE_PASSES - 1)); if (nStatus != 0) goto closing_seq; @@ -969,7 +969,7 @@ inplace_enc_read: SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_FINALIZING); - for (int wipePass = 0; wipePass < (wipeAlgorithm == TC_WIPE_NONE ? 1 : PRAND_DISK_WIPE_PASSES); wipePass++) + for (int wipePass = 0; wipePass < (wipeAlgorithm == TC_WIPE_NONE ? 1 : PRAND_HEADER_WIPE_PASSES); wipePass++) { nStatus = CreateVolumeHeaderInMemory (FALSE, header, @@ -986,7 +986,7 @@ inplace_enc_read: masterCryptoInfo->RequiredProgramVersion, masterCryptoInfo->HeaderFlags | TC_HEADER_FLAG_NONSYS_INPLACE_ENC, masterCryptoInfo->SectorSize, - wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_DISK_WIPE_PASSES - 1)); + wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_HEADER_WIPE_PASSES - 1)); if (nStatus != ERR_SUCCESS) goto closing_seq; -- cgit v1.2.3