美国国防部机密文件销毁算法
当我们在系统里“删除”了一个文件时,并不意味着这个文件就一定从磁盘上清除了,很多优秀的文件恢复软件都可以恢复被删除的文件,这在一定程度上就带来了隐私泄露的隐患。好在现在很多软件,比如360、电脑管家等等软件都集成了文件粉碎的实用功能。今天介绍一种以前被用于美国国防部的机密文件销毁算法,并附上实现的代码(C)。
算法介绍:
美国国防部DOD5220.22M文件销毁标准包括以下三步:
- 将文件先用0x00覆盖,再用0x01覆盖,如此重复三次;
- 将文件用一个随机值覆盖;
- 将文件名改为一个单字符文件名,最后删除之。
算法可靠性验证:
此算法虽然已经不再被美国国防部采用,但也足够应付一般的环境,主流文件恢复软件恢复的可能性还有待验证。
实现:
1 /* 2 * File Destroyer 文件安全销毁 3 * 4 * Copyright (C) 2015 Chaobs 5 * 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published by 8 * the Free Software Foundation, either version 3 of the License, or 9 * (at your option) any later version. 10 * 11 * This program is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 * GNU General Public License for more details. 15 * 16 * You should have received a copy of the GNU General Public License 17 * along with this program. If not, see <http://www.gnu.org/licenses/>. 18 * 19 * E-mail: chaobs@outlook.com 20 * Blog: www.cnblogs.com/chaobs 21 * 22 * 用法: file-destroyer [filename1] <filename2>... 23 * 24 * 算法介绍: 25 * 基于美国国防部DOD5220.22M标准进行文件销毁,包括以下三步: 26 * (1)将文件先用0x00覆盖,再用0x01覆盖,如此重复三次; 27 * (2)将文件用一个随机值覆盖; 28 * (3)将文件名改为一个单字符文件名,最后删除之。 29 * 30 * 算法可靠性验证: 31 * 此算法虽然已经不再被美国国防部采用,但也足够应付一般的环境,对于主流文件恢复软件恢复的可能性还有待验证。 32 * 33 */ 34 35 #include <stdio.h> 36 #include <stdlib.h> 37 #include <time.h> 38 39 40 void notice(int i, char *s); /* print short notice */ 41 42 void wipe(FILE *f, char c); /* core func */ 43 44 long file_size(FILE *f); /* get the size of a file */ 45 46 int require(int c, char *s[]); 47 48 49 int main(int argc, char *argv[]) 50 { 51 int i, j; 52 char ch; 53 54 FILE *f; 55 56 notice(1, argv[0]); 57 58 if (argc < 2) { 59 /* too few arguments */ 60 notice(2, argv[0]); 61 exit(0); 62 } 63 64 if (!require(argc, argv)) { 65 fprintf(stderr, "Cancel Operating.\n"); 66 exit(0); /* cancel */ 67 } 68 69 srand(time(NULL)); /* randomize */ 70 71 for (i = 1; i < argc; ++i) { 72 /* process each file */ 73 74 if ((f = fopen(argv[i], "r+b")) == NULL) {/* fail to open file */ 75 fprintf(stderr, "Error when open %s:\n", argv[i]); 76 exit(0); 77 } 78 79 for (j = 0; j < 3; ++j) { 80 /* DOD5220.22M Step 1 */ 81 wipe(f, 0x00); 82 wipe(f, 0x01); 83 } 84 85 wipe(f, rand() % 256); /* Step 2 */ 86 87 if (rename(argv[i], "C")) { 88 /* Step 3*/ 89 fprintf(stderr, "Error when rename %s\n", argv[i]); 90 exit(0); 91 92 /* XXX:文件名冲突的解决?可以考虑使用tmpnam()吗?*/ 93 } 94 95 remove("C"); /* XXX:如果是一个符号连接怎样保证删除的是真正的文件? */ 96 fclose(f); 97 } 98 99 printf("Done! Destroy %d files\n", argc - 1); 100 101 return 0; 102 } 103 104 105 /* implementation */ 106 107 void notice(int i, char *s) 108 { 109 if (i == 1) { 110 printf("\nFile Destroyer Copyright (C) 2015 Chaobs\n"); 111 printf("This program comes with ABSOLUTELY NO WARRANTY.\n"); 112 printf("This is free software, and you are welcome to redistribute under certain conditions.\n\n"); 113 } else { 114 fprintf(stderr, "Usage: %s [filename1] <filename2> ...\n", s); 115 } 116 } 117 118 void wipe(FILE *f, char c) 119 { 120 long i; 121 122 for (i = 0; i < file_size(f); ++i) 123 fwrite(&c, 1, 1, f); /* overwrite */ 124 125 } 126 127 long file_size(FILE *f) 128 { 129 long len; 130 fseek(f, 0, SEEK_END); /* jump to the and of file */ 131 len = ftell(f); 132 fseek(f, 0, SEEK_SET); /* restore */ 133 } 134 135 136 int require(int c, char *s[]) 137 { 138 int i; 139 char ch; 140 for (i = 1; i < c; ++i) { 141 /* FIXME: the comfirm function can make mistakes and 142 * it is not convenient even can't work in some cases. 143 */ 144 printf("Do you want to destroy %s ?(y/n) ", s[i]); 145 ch = getchar(); 146 getchar(); /* '\n' */ 147 if (ch == 'n') 148 return 0; 149 } 150 151 return 1; 152 }
当然这样的实现有一个显著缺点——当文件很大时,删除将会占用大量时间,感兴趣的可以自己改进。
This is free software, and you are welcome to redistribute it
under certain conditions
不要想你能为世界做什么,想想你该为世界做什么!
2427
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
