Schneier Method (Data Sanitization Method)

Is the Schneier method a good way to erase data?

The Schneier method is a software-based data sanitization method used in some file shredder and data destruction programs to overwrite existing information on a hard drive or other storage device.

Erasing a hard drive using the Schneier data sanitization method will prevent all software-based file recovery methods from finding information on the drive and is also likely to prevent most hardware-based recovery methods from extracting information.

In short, the Schneier method overwrites the data on a storage device with a one, and then a zero, and finally with several passes of random characters. There's more detail on this below, as well as a few examples of programs that include the Schneier method as an option when erasing data.

What Does the Schneier Method Do?

All data sanitization methods work in a similar fashion but they aren't always implemented in the same way. For example, the Write Zero method overwrites data with zeros only. Others, like Random Data, just use random characters. HMG IS5 is very similar in that it writes a zero, then a one, and then a random character, but only one pass of a random character.

However, with the Schneier method, there's a combination of multiple passes of random characters as well as zeros and ones. This is how it's normally implemented:

  • Pass 1: Writes a one
  • Pass 2: Writes a zero
  • Pass 3: Writes a stream of random characters
  • Pass 4: Writes a stream of random characters
  • Pass 5: Writes a stream of random characters
  • Pass 6: Writes a stream of random characters
  • Pass 7: Writes a stream of random characters

Some programs may use the Schneier method with small variations. For example, some applications may support a verification after the first or last pass. Verification confirms that the character, like a one or a random character, was actually written to the drive. If it wasn't, the software might tell you or just automatically restart and run through the passes again.
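The pass sequence and optional verification described above, sketched as an added example; it is not code from any of the programs named on this page. It assumes "a one" and "a zero" mean bytes with every bit set (0xFF) and cleared (0x00), and the function names are hypothetical.

```python
import os
import tempfile

# Pass plan from the list above. Assumption: "a one" / "a zero" mean a byte
# with every bit set (0xFF) / cleared (0x00); None marks a random-data pass.
SCHNEIER_PASSES = [0xFF, 0x00, None, None, None, None, None]
CHUNK = 1 << 20  # overwrite in 1 MiB blocks


def overwrite_pass(path, fill, verify=False):
    """Overwrite every byte of the file in place, optionally reading it back."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for off in range(0, size, CHUNK):
            n = min(CHUNK, size - off)
            block = os.urandom(n) if fill is None else bytes([fill]) * n
            f.seek(off)
            f.write(block)
            if verify:
                # Read-back check. It can be served from the OS cache, so it
                # proves the write was accepted, not that the media holds it.
                f.flush()
                f.seek(off)
                if f.read(n) != block:
                    raise OSError(f"verification failed at offset {off}")
        f.flush()
        os.fsync(f.fileno())  # ask the OS to push this pass to the device


def schneier_wipe(path, verify_passes=(7,)):
    """Run the seven passes; verify_passes holds 1-based pass numbers to check."""
    for number, fill in enumerate(SCHNEIER_PASSES, start=1):
        overwrite_pass(path, fill, verify=number in verify_passes)
    return len(SCHNEIER_PASSES)


if __name__ == "__main__":
    # Constructed sample file standing in for the data to be erased.
    fd, sample = tempfile.mkstemp()
    os.write(fd, b"account=1234;pin=0000\n" * 500)
    os.close(fd)
    print("passes run:", schneier_wipe(sample, verify_passes=(1, 7)))
    with open(sample, "rb") as f:
        print("first bytes now:", f.read(8).hex())
    os.remove(sample)
```

Overwriting a file in place only reaches the original sectors when the file system and device write new data to the same location, which is not guaranteed on SSDs or on journaling and copy-on-write file systems.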

There are some programs that let you customize the passes, such as adding an extra zero write after Pass 2. However, if you make enough changes to the Schneier method, it doesn't really remain that method. For example, if you removed the first two passes and then added several more random character passes, you'd be building the Gutmann method.

Programs That Support Schneier

Several different programs let you use the Schneier method to erase data. A few examples are Eraser, Securely File Shredder, CBL Data Shredder, CyberShredder, Delete Files Permanently, and Free EASIS Data Eraser.

However, as we said above, some file shredders and data destruction programs let you customize what goes on during the passes. This means that even if they don't have this method available, you could still "build" the Schneier method in those programs using the structure from above.

Most data destruction programs support multiple data sanitization methods in addition to the Schneier method. If you want, you can most likely pick a different data wipe method once you have the program open.

More Information on the Schneier Method

The Schneier method was created by Bruce Schneier and appeared in his book Applied Cryptography: Protocols, Algorithms, and Source Code in C (ISBN 978-0471128458).

Bruce Schneier has a website called Schneier on Security.

Special thanks to Brian Szymanski for clarification of some details on this piece.
