At 10:46 PM -0800 3/7/03, Bill Frantz wrote:
It has occurred to me that the cheapest form of protection from tempest
attacks might be an active transmitter that swamps the signal from the
computer.  Such a transmitter would still be legal if its power output is
kept within the FCC part 15 rules.

Take, for example, the signal from a CRT monitor.  The monitor signal
consists of large signals which are the vertical and horizontal sync
pulses, and smaller signals which are the levels of each of the phosphor
guns.

The simplest countermeasure would be random RF noise which is many orders
of magnitude stronger than the signal from the monitor.  However, with this
system, the attacker can average many fields from the monitor and perhaps
still recover the signal because any given pixel is the same, while the
noise is random.  (Or at least the pixels change slowly compared with the
fields, giving lots of data to average.)

The next more complex version sends the same random screen over and over in
sync with the monitor.  Even more complex versions change the random screen
every-so-often to try to frustrate recovering the differences between
screens of data on the monitor.

Can such a device be built and still stay within the Part 15 rules?

Cheers - Bill


Part 15 is pretty complex, but reading a summary at http://www.arrl.org/tis/info/part15.html suggests a number of problems. First there are dozens of bands where intentional radiators are not permitted to operate (15.205). Designing a noise source that avoided all these bands might be difficult.


Second, the permitted signal levels associated with intentional radiators (15.209) are very similar to those permitted for unintentional radiators (15.109), including most consumer grade CRT monitors (Class B). Commercial monitors (Class A) are permitted higher levels of radiation, but I suspect most monitors made today are Class B.

Now the radiation from a monitor is mostly sweep signals and the like, which carry no information. The signals that drive the CRT guns are much weaker. But I suspect you will need the noise to be much more powerful to obliterate the signal carrying data. The situation is even worse if the attacker suspects what the data may contain. He can then use correlation techniques to find the data well below the noise level.

I'd also point out that the noise source has to be co-located with the data signal. Otherwise, the attacker can use a directional antenna to capture the noise signal without the data signal, allowing it to be subtracted from the data+noise signal. Similarly, it will be vital to change the noise pattern whenever the content of the CRT changes, otherwise the attacker who had reason to suspect when the screen changed can subtract data1+noise from data2+noise to get data2-data1, which is likely to leak a lot of information.

I suspect it would be cheaper to shield the CRT or operate in a Faraday cage.

Arnold Reinhold
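
The masking schemes discussed in this exchange can be compared numerically. The simulation below is an added example, not part of either message: it models a video field as a list of constructed binary pixel levels and the jammer as Gaussian noise, and the pixel count, noise level and field count are assumed values chosen so it runs quickly.

```python
import random

def noise(rng, n, sigma):
    """Gaussian jamming noise, one sample per pixel."""
    return [rng.gauss(0.0, sigma) for _ in range(n)]

def add(a, b):
    return [x + y for x, y in zip(a, b)]

def average(fields):
    """Pixel-wise mean over many captured fields."""
    return [sum(col) / len(fields) for col in zip(*fields)]

def corr(a, b):
    """Pearson correlation: how much of screen `a` is visible in capture `b`."""
    ma, mb = sum(a) / len(a), sum(b) / len(b)
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    return cov / (va * vb) ** 0.5

def simulate(seed=1, pixels=500, sigma=10.0, fields=1000):
    rng = random.Random(seed)
    # Constructed screens: random binary pixel levels, not real monitor data.
    screen1 = [rng.choice((0.0, 1.0)) for _ in range(pixels)]
    screen2 = [rng.choice((0.0, 1.0)) for _ in range(pixels)]

    # Case 1: independent noise on every field (the "simplest countermeasure").
    fresh = [add(screen1, noise(rng, pixels, sigma)) for _ in range(fields)]
    # Case 2: one random pattern repeated in sync with the monitor.
    mask = noise(rng, pixels, sigma)
    fixed = [add(screen1, mask) for _ in range(fields)]
    # Case 3: the same pattern is kept across a screen change.
    diff = [y - x for x, y in zip(add(screen1, mask), add(screen2, mask))]
    true_diff = [y - x for x, y in zip(screen1, screen2)]

    return {
        "single_field": corr(screen1, fresh[0]),          # screen buried in noise
        "fresh_averaged": corr(screen1, average(fresh)),  # noise averages out
        "fixed_averaged": corr(screen1, average(fixed)),  # averaging gains nothing
        "diff_error": max(abs(d - t) for d, t in zip(diff, true_diff)),
    }

if __name__ == "__main__":
    for name, value in simulate().items():
        print(f"{name:15s} {value:.4f}")
```

Fresh noise shrinks as 1/sqrt(fields) under averaging, so the screen reappears; a repeated pattern survives averaging but cancels completely when two captures with different screen contents are subtracted, which is why the pattern must change whenever the screen does.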

