ERASE- EntRopy-based SAnitization of SEnsitive Data for Privacy Preservation

Effective and efficient sanitization of digital storage media is essential from both an information security as well as a digital forensics standpoint. The method proposed in this paper, ERASE, unlike brute force methods, computes the entropy of each data block in the target area, and if the entropy is within the specified sensitivity range, then that block is wiped with a user specified number of passes and pattern. ERASERS, an enhancement to ERASE that employs random sampling, is also proposed. ERASERS divides the given population into numerous subpopulations and uses random sampling to sample blocks from each subpopulation. Then, it computes the entropy of each sampled block, and if the entropy of any sampled block in the subpopulation is within the sensitive entropy range, which is a tunable parameter, then the entire subpopulation is wiped. The random sampling component of ERASERS gives organizations an alternative for a faster wipe as compared to regular brute force methods of overwriting. Our research resulted in different levels of sanitization for different time windows, a factor most organizations will consider when wiping large disks. According to Seagate, in 2011, the average size of hard drives they shipped that year was 590 GB [1]. Overwriting a 590 GB hard drive with one pass of random data, takes approximately 14.6 hours using dd. However, ERASE optimizes the data overwriting process allowing it to sanitize a 590GB hard drive in 9 : 5 hours, assuming 50% of the data on the drive is within the sensitive entropy range, thereby achieving a performance improvement of approximately 34.8%. If a wipe pattern of 1 pass using /dev/zero as the source is used, dd takes approximately 1.584 hours and ERASERS takes 0.85 hours in its best case performance and 1.580 hours in its worst case performance, assuming 50% of the data is within the sensitive entropy range. Thus, achieving a performance improvement in the range of 0.2% - 46.6%.