What Is the NCSC-TG-025 Method?

Details on the NCSC-TG-025 Data Wipe Method

NCSC-TG-025 is a software based data sanitization method used in some file shredder and data destruction programs to overwrite existing information on a hard drive or other storage device.

Erasing a hard drive using the NCSC-TG-025 data sanitization method will prevent all software-based file recovery methods from lifting information from the drive and is also likely to prevent most hardware-based recovery methods from extracting information.

Below is more information on this data wipe method like how it normally works as well as some programs that let you use it.

Shredded paper documents and waste paper basket
Gary S Chapman / Getty Images

What Does NCSC-TG-025 Do?

NCSC-TG-025 is similar to other data sanitization methods in that it passes over the data at least once in order to overwrite it with a zero, one, or random character. However, this method is unlike other methods like Write Zero that just overwrites the information with a zero, or Random Data that only uses random characters.

Instead, NCSC-TG-025 is commonly implemented in the following way, combining zeros, ones, and random characters:

  • Pass 1: Writes a zero and verifies the write
  • Pass 2: Writes a one and verifies the write
  • Pass 3: Writes a random character and verifies the write

The NCSC-TG-025 data sanitization method is exactly the same as the DoD 5220.22-M method and variations in how it's implemented will be similar.

As you can see, a program using this data wipe method will most likely verify that the data was successfully overwritten before moving on to the next pass. If the overwrite didn't complete for some reason, the software will most likely redo that specific pass until it can verify that the data has been overwritten, or it might just tell you that the verification didn't complete as expected so you that you can manually rerun it if you want.

Some programs that support data wipe methods like NCSC-TG-025 might actually let you build your own. For example, you can add more passes of zero overwrites if you'd like, or remove the verification on each pass.

However, any method you make that's different from what's written above is technically no longer the NCSC-TG-025 data sanitization method. If you customize this enough, you could build a different method entirely, like VSITR or Schneier, or really any method depending on how much you change.

Programs That Support NCSC-TG-025

While there are probably several others, the File Shredder tool in WinUtilities is one free program that lets you use the NCSC-TG-025 sanitization method. It can not only delete specific files but also entire folders and hard drives.

WinUtilities File Shredder overwrite methods

Another application that supports this data wipe method is Disk Shredder, but it's not free.

Most data destruction programs support multiple data sanitization methods in addition to NCSC-TG-025. With WinUtilities, for example, you can use this NSA data wipe method as well as DOD 5223-23M, Guttman, etc.

Like you read above, some applications let you build a custom sanitization method. Therefore, if a program lets you build your own but doesn't seem apparent that it supports NCSC-TG-025, you could just follow the same pattern as above to make the passes identical.

More About NCSC-TG-025

The NCSC-TG-025 sanitization method was originally defined in the Forest Green Book, part of the Rainbow Series of computer security guidelines, published by the National Computer Security Center (NCSC), a group that was once part of the US National Security Agency (NSA).

NCSC-TG-025 is no longer a data sanitization standard for the NSA. The NSA/CSS Storage Device Declassification Manual (NSA/CSS SDDM) lists only degaussing and physical destruction via incineration as NSA approved ways to sanitize hard drive data. You can read the NSA/CSS SDDM here (PDF).

Was this page helpful?