Tempest Emanations Jacklyn Truong University of Tulsa April 16, 2013.

Slides:

Advertisements

Similar presentations

Advertisements

CSE331: Introduction to Networks and Security Lecture 34 Fall 2002.

Chaos, Communication and Consciousness Module PH19510 Lecture 6 Radio Days.

Technician License Course Chapter 2 Lesson Plan Module 2 – Radio Waves & Signals.

Direct Attacks on Computational Devices

Advanced Radio and Radar

Department of Electronic Engineering City University of Hong Kong EE3900 Computer Networks Data Transmission Slide 1 Continuous & Discrete Signals.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Introduction to Networking. Spring 2002Computer Network Applications Analog Devices Maintain an exact physical analog of (some form of) information. Ex:

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

Module 3.0: Data Transmission

Wireless Sensor Network Security Anuj Nagar CS 590.

Introduction to Wireless Communication. History of wireless communication Guglielmo Marconi invented the wireless telegraph in 1896 Communication by encoding.

Communications and Networks Chapter 6. Objectives Defines the components required for successful communications Describe uses of communications Identify.

Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Zac Chupka Jeff Signore.

PROTOCOLSSTANDARDSEQUIPMENTBLUETOOTH CELL PHONE DATA NETWORKS ADVANTAGES/ DISADVANTAGES GENERAL INFORMATION Main Menu.

Transmission Media / Channels. Introduction Provides the connection between the transmitter and receiver. 1.Pair of wires – carry electric signal. 2.Optical.

 fiber optics cable and free space optics (FSO). Like fiber optics cable, FSO uses lasers to transmit data, but instead of enclosing the data stream.

Stallings, Wireless Communications & Networks, Second Edition, © 2005 Pearson Education, Inc. All rights reserved Wireless LAN Technology.

Wireless Versus Wired Network Components By: Steven R. Yasoni & Dario Strazimiri.

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Security Fundamentals Group TEMPEST Security Hidema Tanaka.

Computer Networks. Network Connections Ethernet Networks Single wire (or bus) runs to all machines Any computer can send info to another computer Header.

By Zeyad khudhayer University of Baghdad College of Engineering Electronic & communication department 4 th year.

1 Business Telecommunications Data and Computer Communications Chapter 3 Data Transmission.

Kashif Bashir1 Basic Electronics Kashif Bashir Web:

Communication channels and transmission media

7.1 Chapter 7 Transmission Media. 7.2 Figure 7.1 Transmission medium and physical layer Transmission media are located below the physical layer and are.

1 Chapter 9 E- Security. Main security risks 2 (a) Transaction or credit card details stolen in transit. (b) Customer’s credit card details stolen from.

Physical Transmission

Side Channel Attacks through Acoustic Emanations

Echelon › Developed by National Security Agency of USA. › A secret project to spy on people by tracing their messages. › To find out the terrorist activities.

Data Communications Chapter 16, Exploring the Digital Domain.

Cryptography, Authentication and Digital Signatures

1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.

Radio Transmission Music and words are sent to your radio by radio waves. The metal antenna of your radio detects radio waves. As the electromagnetic.

Introduction to Network (c) Nouf Aljaffan

Transmission Media The physical pathways that connect computers and devices on a network.

EMISSIONS SECURITY Elizabeth Eykman Supervisors:Stephen Gould & Matt Barrie.

The EM Side-Channel(s) Dakshi Agrawal Bruce Archambeault Josyula R Rao Pankaj Rohatgi IBM.

{ Transmission Media.  Information can be transmitted through a medium by varying some physical property.  The physics of the universe places some limits.

Electromagnetic Radiation from VDUs: An Eavesdropping Risk? Paul Shotbolt Article in “Computers and Security” Volume 4. Number 4.by Wim van Eck.

Penetrating encrypted evidence Writer ： Hank Wolfe University of Otago, Computer Security, Forensics, Information Science Department, New Zealand Presentation.

1 ELE5 COMMUNICATIONS SYSTEMS REVISION NOTES. 2 Generalised System.

COEN 350 Network Security Introduction. Computer Networks OSI Reference Model Application Layer Presentation Layer Session Layer Transport Layer Network.

"The generation of random numbers is too important to be left to chance.” 1 -- Robert R. Coveyou Oak Ridge National Laboratory.

Cognitive Radio: Next Generation Communication System

Technician License Course Chapter 2 Lesson Plan Module 2 – Radio Signals and Waves.

Identification Authentication. 2 Authentication Allows an entity (a user or a system) to prove its identity to another entity Typically, the entity whose.

Part 3  Transmission Media & EM Propagations.  Provides the connection between the transmitter and receiver. 1.Pair of wires – carry electric signal.

Compromising Electromagnetic Emanations of Wired and Wireless Keyboards Presented By: Justin Rilling Written By: Martin Vuagnoux and Sylvain Pasini.

TEMPEST AND ECHELON BY – Y.SRUTHI.  TEMPEST and ECHELON are the method of spying in a sophisticated manner.  Both technologies are a part of secret.

Communications security

Communications Introduction Mr. Hennessy/Mr. DiMeglio Uxbridge High School 1/08.

TOPIC 1.2 INTRODUCTION TO NETWORKING. OBJECTIVES By the end of the topic, students should be able to: a) List the elements of data communication systems.

Electromagnetic Radiation from Video Display Units: An Eavesdropping Risk? Wim van Eck Computers & Security 4 ( 1985 ) Elsevier Science Publishers B.V.

TELECOMMUNICATION. Communication over a long distance.

BY: NICK DOWNER TEMPEST EMISSIONS. OVERVIEW What are tempest emissions? Detecting tempest emissions Security concerns How to protect against leakage.

Electronic Communication Chapter 6. What is Electronic Communication? Transmission of information using electricity Electromagnetic Wave: a wave created.

BE 2 nd year sem-3 ELECTRICAL DEPARTMENT. sub : electrical measurements and measuring instruments TOPIC : magnetic recorders GROUP NO : 2 1. VINEET ( )

SMART ANTENNAS SMART ANTENNAS apoorva k. Shetti 2bu09ec006

By. Jadhav Avinash J Roll no - 2K13E11. Reference: Hewlett Packard Agilent Technology Wikipedia GwINSTEK.

Submitted by: Himanshi Sharma(IV yr.IT,Sec-a).  The notion of spying is a very sensitive topic after the September 11 attack of Terrorists in New York.

Intro to Telecommunication The Wireless Network Project

Communication Systems Waseem Gulsher

COEN 350 Network Security Introduction.

ROHIT RAJ TEMPEST AND ECHELON A SEMINAR BY ROLL NO VII TH SEM

Reliability and Channel Coding

Presentation transcript:

Tempest Emanations Jacklyn Truong University of Tulsa April 16, 2013

Introduction Tempest emanations Electromagnetic waves emitted by electric devices Generated when device changes voltage of an electric current Can travel extensive distances through free space Travel distance can be extended by conductors Can be captured Tempest attacks Captured Tempest emanations can be deciphered to uncover processed data

History 1944 – Bell Labs stumble upon Tempest emanations Bell Labs provided US Military with mixing devices called 131-B2 Used with a rotor key generator to encrypt messages Each step of the mixing device caused a frequency pattern to appear on an oscilloscope Found that the frequency pattern revealed the plaintext of the encrypted messages Findings reported to the US Military US Military was skeptical Bell Labs performed a test to prove threat Recorded signals from 80 feet away from the Signal Corps’ Varick Street cryptocenter Produced 75% of the plaintext being processed

History Bell Labs directed to develop suppression methods Bell Labs’ suppression methods: Shielding Prevent Tempest emanations through free space and magnetic fields Filtering Prevent compromising emanations from traveling through conductors Masking Purposely create electrical noise to drown out compromising emanations

History US Military’s Response Modified device was bulky and required too much maintenance Established control zones 100 feet in diameter Ended research on Tempest emanations

History 1951 – CIA rediscovered the 131-B2 and Tempest emanations NSA picked up project in an attempt to find new suppression methods 1953 – Policy required all US cryptocenters to either: Establish a control zone, 400 feet in diameter Implement masking Apply for a waiver based on operational necessity 1954 – Soviets published a set of standards for the suppression of radio frequency interference

History 1960 – British intelligence agency accidently discovered Tempest emanations in a similar manner to Bell Lab’s discovery 1985 – Wim van Eck published a paper demonstrating how contents from a CRT could be extracted using low-cost equipment First major public description of Tempest emanations Van Eck phreaking

Executing a Tempest Attack Use a wide-band receiver tuned to a specific frequency 1.Determine what frequency to be listening in on Scan entire frequency range and extract plaintext of emanation according to its amplitude/frequency modulation 2.Improve signal-to-noise ratio Use narrow-band antennas and filters 3.Intercept emanations and deduce plaintext

Present-Day Tempest Attacks CRT Monitors Electron beam strikes screen at various intensities to generate different pixels The electric signal that drives the electron beam emits Tempest emanations Pixels updated one at a time LCD Monitors Pixels updated row by row No deflection coils – low radiation Operate on low voltages Still vulnerable DVI cable Configurations

Present-Day Tempest Attacks Keyboards Each keystroke causes the voltage of the electric current being sent to the computer to change Tempest Viruses Theoretical (Ross J. Anderson) Infiltrate machine and automatically transmit retrieved information to a hidden radio receiver nearby

Tempest Emanations and Businesses Tempest Emanations Difficult to suppress Surpasses advanced encryption algorithms The business environment consists of many electronic devices emitting Tempest emanations Sensitive information at risk Personal information Financial information Customer information Login information Encryption/decryption keys

Mitigation Modify devices 1955 – NSA modified teletypewriters to transmit character data all at once Resulted in one large (oscilloscope) “spike” per character instead of five Reduce voltage Weaker emanations Soft Tempest Font Markus Kuhn and Ross Anderson Free Minimize strength of compromising emanations Readable on a computer monitor, but not across Tempest emanations

Mitigation Soft Tempest Font

Mitigation Shield Individual machines Faraday cage Apply filters Mask – drown out emanations by generating electrical noise Physically separate machines (classified and unclassified) Encrypt signal being sent HDCP – High bandwidth Digital Content Protection LCD Monitors Lower refresh rate

Conclusion Initially very difficult to suppress Some methods are expensive Modifying devices Faraday cages Physically separating machines Moving forward Encrypt signal being sent

References [1] D. G. Boak, “A History of U.S. Communications Security,” NSA, Ft. George G. Meade, MD, Rep. MDR-54498, 1973, vol. 1 and 2. [2] M. G. Kuhn and R. J. Anderson, D. Aucsmith, "Soft tempest: Hidden data transmission using electromagnetic emanations", Information Hiding: 2nd Int. Workshop, vol. 1525, pp :Springer-Verlag [3] M. Pellegrini. (2008, April 29). Declassified NSA Document Reveals the Secret History of TEMPEST [Online]. Available: [4] B. Koops, The Crypto Controversy: A Key Conflict in the Information Society, Kluwer Law International, 1999, pp [5] R. Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems, Wiley Computer Publishing, New York, 2001, pp [6] Dynamic Sciences International, Inc. (2012). R-1550A TEMPEST Receiver [Online]. Available: [7] M. Vuagnoux and S. Pasini. "Compromising electromagnetic emanations of wired and wireless keyboards," In proceedings of the 18th USENIX Security Symposium, pages 1-16, Montreal, Canada, USENIX Association. [8] J. Loughry and D. A. Umphress. Information leakage from optical emanation. ACM Transactions on Information and Systems Security, 5(3): , [9] Introni (2012). La Crittografia [Online]. Available:

Questions?