Schneier on Security
A blog covering security and security technology.
« Hacking Critical Infrastructure |
| Another Liars and Outliers Excerpt »
March 21, 2012
A way to securely erase paper:
"The key idea was to find a laser energy level that is high enough to ablate - or vaporise - the toner that at the same time is lower than the destruction threshold of the paper substrate. It turns out the best wavelength is 532 nanometres - that's green visible light - with a pulse length of 4 nanoseconds, which is quite long," Leal-Ayala told New Scientist.
"We have repeated the printing/unprinting process three times on the same piece of paper with good results. The more you do it, though, the more likely it is for the laser to damage the paper, perhaps yellowing it," he says. The team have found toner-paper combinations in which almost no appreciable traces of toner can be seen after lasing and in which the paper suffers "no significant mechanical damage."
EDITED TO ADD (3/21): More than one reader has pointed out that this system is not secure, nor do its inventors make any claims of security.
Posted on March 21, 2012 at 6:26 AM
• 32 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Or a way to change the content of a signed document.....
Although the three-level laser system works for all practical purposes, as exemplified by the first laser, a number of problems limit the effectiveness of this approach
Given the traces visible on the example photographs, this probably isn't terribly secure if used on its own. Great way to make un-shredding essentially impossible though!
@simon Seconded. Though there are other ways to do that.
This is generally why both parties to any important agreement get a copy.
Still not seeing the advantage over some gasoline and match...
I double-checked when I first read the headline to make sure its not yet 1 April...
What's the enviromental impact of lasers vs fire?
@Natanael L - you can reuse this paper immediately after it's been erased.
Admittedly you can reuse paper after you burn it - you just have to wait for the CO2 to be absorbed by trees, for the trees to grow and be cut down and turned into paper. This is just a bit faster.
This is not the first time a "remove the tonner" device has been invented.
Quite a few years ago a Far Eastern (S.Korea IIRC) company developed a machine that stripped of the toner by combined heat/chemical process (similar to the one used to transfer a photocopied image to a tee shirt etc).
The problem as @Simon has indicated is that the ink of pens and stamps/seals (still used in the Far East) did not get removed so the clean paper could just get put through a laser printer again.
An interesting way to obtain a sheet of paper with the stamp and signature of some person in charge which could be used to print a... well, pretty much anything.
Next, someone will come up with (if the NSA doesn't already have it) a technique for retrieving the latent image from an "unprinted" sheet of paper...
Wouldn't it be simpler to just forge the stamp and signature?
Interesting proof of concept, though.
What about the vaporised toner layer? Did anyone made an analysis on how that would affect people's health?
Imagine an office, with tonnes of papers being erased per day, that quantity isn't small. And, AFAIK, toner paint isn't the most innocuous substance...
@Simon -- True.
@Ben -- It doesn't matter if both parties have a copy; who's would be the authoritative copy? I could just as easily lower some numbers and claim you raised/added them.
With regards erasing and over printing, the previous tonner will leave a trace of it's presence, be it by residue or by the damage the laser does around the edge of the print being more damaged than those that were under the print.
The only question is how difficult it would be to detect, but I'd put a small wager it would show up under the likes of many lab tests, the question then falls to if the testing is one way or not (if it is it's undesirable as an evidence gathering process as the two parties cannot carry out independent testing to verify results).
@kevin: Microscopic examination of the documents could probably identify which one has been erased in this manner. I expect that the laser ablating could be detected by damage to the underlying paper. Even if it couldn't be, the re-written text could probably be detected by differences in font, toner composition or thickness, or being slightly offset from where the original text was.
@Simon, @Ben, @kevin:
They don't claim that the deletion procedure is undetectable, do they?
In fact, since they mention that repeated unprinting/reprinting eventually visibly damages the paper, I would believe that even a single run would leave some traces.
I wonder if special paper could be made that is "tamper-evident" in this respect, e.g., by meshing toner particles into it?
This is great for schools and universities who now could lift restrictions on how much you are allowed to print to reduce costs. Just erase the paper and reuse several times. If you are debugging some code you have written or proofreading an essay, just print, fix, recycle.
For sensitive material it is more of an extra precaution before shredding as I see it, not for recycling the paper.
Interesting idea for forging a document with signatures & seals. Most of the time, when checking a document for forgery, they look at the signature, seal, and other "special" parts of the document. In this case, a forged document would pass with flying colors, because everything they're looking at is authentic.
Rarely would someone think to authenticate the boring, plain laser printer content above the signature.
Is paper really that expensive? As Clive pointed out, this can't be used for security. As for recycling, since the paper degrades each time, how will you implement the tracking system that tells the printer a sheet has been used too many times and the risk of fiery death is too high?
As for code or essay review, I think digital editing systems were invented quite some time ago.
@Fredrik — I doubt that the paper cost is even half the cost of printing, once you account for the toner, the printer itself, and support/maintenance. And the "unprinting" gizmo is unlikely to be free. I'm having a hard time imagining an application for this tech.
@Captain Obvious Sure, it cant be used for security on its own, but combine this with traditional shredding and even those pesky DARPA kids and their challenges won't be able to figure it out. If vaporized toner is not harmful, I would like to know where I can buy the first shredder with green lazer addon.
"A way to securely erase paper"
Probably makes more sense as a way to re-use non-confidential documents (or as a precursor to shredding in places where you don't just burn the evidence).
It quite probably is secure - but are you going to bet on that when it really matters?
Actually following the link, I discover no claim there that it's a secure delete. In fact, I see it as a possible security risk, in that users might believe it's more secure than it is.
And that's just the confidentiality side - others above have commented on subverting authenticity.
The example images in the linked article are pretty clearly NOT a "secure deletion". The toner remnants are minor, but easily discernible. All you guys arguing about the security/contractual implications DID go check out the link, right?...
I'm just waiting for the guy that blogs about how he just put this cheap stuff on it or held it under the right kind of light & the words/images reappear.
What does this technique do to the yellow toner watermarking that is (nearly) invisible? Some printers use this to identify the printing source.
So, how much does this "laser" (Dr. Evil quote marks) cost as opposed to recycling the whole sheet? From an office perspective, shred everything not sensitive then recycle the bits seems to make the most sense. This ensures dumpster divers don't get lucky. If it's sensitive, shred then have it incinerated, and it never comes back again, even with a little tape and a whole lot of patience. Wow, I was able to work two movie villains, Dr. Evil and the Penguin, into a comment about lasers and shredding.
I wonder what a piece of tape would do to this tech. A checksum covered with a piece of tape might be a useful way of verifying a page, when used with a good OCR system. Useful but not perfect as no OCR system is 100%.
Also, I suspect that the erasure process may affect conventional ink even if it dosen't quite erase it. So scattering blocks for people to initial in may make a forgers job harder.
Hate to double post but with all the people talking about lab tests and visible traces I just wanted to defend my idea's:
a) They are cheep and DIY at the office.
b) They remove doubt that someone just stuck the wrong sheet of paper in the printer.
Of course just demanding virgin paper for legal purposes works too.
This is a pretty good recycling idea for reusing paper in a non-official capacity; as in, nobody else will care if there are remants of stuff from the toner removal if it's reused.
But I thought that once a sheet of paper has been sent through a laser printer and is charged/heated that toner won't effectively stick to it if it's sent through the printer more than once? Or has technology superseded that?
But I thought that once a sheet of paper has been sent through a laser printer and is charged/heated that toner won't effectively stick to it if it's sent through the printer more than once
It's quite complicated in that it depends on the surface finish and if there is already "fused tonner" where you want to put down more "tonner".
The two main effects are the quality drops and the used paper will muck up the printer or printing. For instance as the already fused tonner has a different surface texture the paper may not feed correctly because slightly worn "pinch rollers" won't pull evenly.
And there are stories that passing already fused tonner under the fuser wire again could cause the paper to catch fire and thus the printer. However I would take the story with a fairly large "pinch of salt" because it appears to have originated from organisations that "rented out" photocpiers and laser printers, and it appeared to be a way of getting the customer to pay for equipment "defects/poor maintenance" as "user damage".
I was once told by someone who used to be "in the game" that "The Devil is jealous of the contracts photocpier companies get, because he only gets peoples souls, they get all their money as well".
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.