Re: Active Countermeasures Against Tempest Attacks
> Date: Mon, 10 Mar 2003 23:43:28 -0800
> From: Bill Stewart <[EMAIL PROTECTED]>
>
> At 09:14 AM 03/10/2003 -0500, Arnold G. Reinhold wrote:
> >On the other hand, remember that the earliest Tempest systems
> >were built using vacuum tubes. An attacker today can carry vast amounts
[...snip...]
>
> Basically, if you've got a serious threat of TEMPEST attacks,
> you've got serious problems anyway...

Actually, quite a bit of the TEMPEST framework is not stopping an adversary from reading what you have on your CRT (or display), but denying the adversary the wherewithal for figuring out that you ARE there. It would really be the pits to have someone standing off over the horizon and saying...

"Hm-m-m... 70 MHz over THERE? Why is a monitor over THERE? There shouldn't be ANYTHING over THERE... Hm-m-m.. Who do we know that uses..."

Well, you get the idea. TEMPEST equipment is specially shielded so that it does not leak ANY RF energy that can be picked up on RF direction finding equipment.

---
Gregory Hicks                  | Principal Systems Engineer
Cadence Design Systems         | Direct: 408.576.3609
555 River Oaks Pkwy M/S 6B1    | Fax: 408.894.3400
San Jose, CA 95134             | Internet: [EMAIL PROTECTED]

"The trouble with doing anything right the first time is that nobody appreciates how difficult it was."

When a team of dedicated individuals makes a commitment to act as one... the sky's the limit.

Just because "We've always done it that way" is not necessarily a good reason to continue to do so... Grace Hopper, Rear Admiral, United States Navy

- The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Active Countermeasures Against Tempest Attacks
At 11:43 PM -0800 3/10/03, Bill Stewart wrote:
> At 09:14 AM 03/10/2003 -0500, Arnold G. Reinhold wrote:
> > On the other hand, remember that the earliest Tempest systems were built using vacuum tubes. An attacker today can carry vast amounts of signal processing power in a briefcase.
>
> And while some of the signal processing jobs need to scale with the target systems, as computer clock speeds get faster, the leakage gets higher and therefore shielding becomes harder and leakage gets higher. Most of the older shielding systems can do fine with the 70 MHz monitor speeds, but the 3 GHz CPU clock speed is more leaky. Millimeter wavelengths are _much_ more annoying.
>
> > All in all I would not put much faith in ad hoc Tempest protection. Without access to the secret specifications and test procedures, I would prefer to see highly critical operations done using battery powered laptops operating in a Faraday cage, with no wires crossing the boundary (no power, no phone, no Ethernet, nada). In that situation, one can calculate shielding effectiveness from first principles. http://www.cs.nps.navy.mil/curricula/tracks/security/AISGuide/navch16.txt suggests US government requirements for a shielded enclosure are 60 dB minimum.
>
> Back when most of the energy lived at a few MHz, it was easy to make enclosures that had air vents that didn't leak useful amounts of signal. It's harder today. So take your scuba gear into your Faraday cage with you :-)

One of my pet ideas is to use older, 1990's vintage, laptops for secure processing, e.g. reading PGP mail, generating key pairs, signing submaster keys, etc. They are cheap enough to dedicate to the task, they'd be off most of the time thereby reducing vulnerability, older operating systems and firmware have fewer opportunities for mischief and most viruses won't run on the old software. Easier shielding due to lower clock rate is an advantage I hadn't thought of before.

> Basically, if you've got a serious threat of TEMPEST attacks, you've got serious problems anyway...

You could say that about strong crypto in general. Anyone with valuable information stored on a computer has lots to worry about.

Arnold Reinhold
Re: Active Countermeasures Against Tempest Attacks
At 09:14 AM 03/10/2003 -0500, Arnold G. Reinhold wrote:
> On the other hand, remember that the earliest Tempest systems were built using vacuum tubes. An attacker today can carry vast amounts of signal processing power in a briefcase.

And while some of the signal processing jobs need to scale with the target systems, as computer clock speeds get faster, the leakage gets higher and therefore shielding becomes harder and leakage gets higher. Most of the older shielding systems can do fine with the 70 MHz monitor speeds, but the 3 GHz CPU clock speed is more leaky. Millimeter wavelengths are _much_ more annoying.

> All in all I would not put much faith in ad hoc Tempest protection. Without access to the secret specifications and test procedures, I would prefer to see highly critical operations done using battery powered laptops operating in a Faraday cage, with no wires crossing the boundary (no power, no phone, no Ethernet, nada). In that situation, one can calculate shielding effectiveness from first principles. http://www.cs.nps.navy.mil/curricula/tracks/security/AISGuide/navch16.txt suggests US government requirements for a shielded enclosure are 60 dB minimum.

Back when most of the energy lived at a few MHz, it was easy to make enclosures that had air vents that didn't leak useful amounts of signal. It's harder today. So take your scuba gear into your Faraday cage with you :-)

Basically, if you've got a serious threat of TEMPEST attacks, you've got serious problems anyway...
Re: Active Countermeasures Against Tempest Attacks
At 9:35 PM -0500 3/8/03, Dave Emery wrote:
> On Fri, Mar 07, 2003 at 10:46:06PM -0800, Bill Frantz wrote:
> > The next more complex version sends the same random screen over and over in sync with the monitor. Even more complex versions change the random screen every-so-often to try to frustrate recovering the differences between screens of data on the monitor.
>
> Five or six years ago I floated the suggestion that one could do worse than phase lock all the video dot clock oscillators in a computer room or office to the same master timing source. This would make it significantly harder to recover one specific monitor's image by averaging techniques as the interference from nearby monitors would have exactly the same timing and would not average out as it does in the more typical case where each monitor is driven from a video board with a slightly different frequency dot clock (due to aging and manufacturing tolerances).

The dot clock on a megapixel display is around 70 MHz, or 14 nanoseconds per pixel. Syncing that over some distance is not trivial. Remember the speed of light is 1 nanosecond/foot. On the other hand, I think syncing the sweep signals would be enough to implement your idea and that should not be hard to do, possibly even in software since they are created on the video card.

Effectiveness is another matter. The attacker could use a directional antenna to separate out monitors. Even if his equipment was outside the building, the windows would act like an antenna whose radiation pattern would be different for the different monitors in the room. The attacker might be able to discriminate between different monitors just by driving his van around outside. Even if he can't distinguish between different monitors, he still gets a signal that is the sum of the content on each monitor. That is analogous to a book code and likely just as secure, i.e. not very.

> Modifying existing video boards to support such master timing references is possible, but not completely trivial - but would cost manufacturers very little if it was designed in in the first place.

Modifying existing monitors to shield the video signal wouldn't cost that much either. As I understand it the big expense in Tempest rated equipment is the testing and the tight manufacturing control needed to insure that the monitors produced are the same as the ones tested.

> And of course one could "improve" the shielding on the monitor with the dummy unimportant data so it radiated 10 or 20 dB more energy than the sensitive information monitor next to it. In many cases this might involve little more than scraping off some conductive paint or removing the ground on a cable shield.

Simply buying some class A monitors for the dummy data might do what you want, but I'm not sure 10-20 dB of reduced signal to background buys you much. I've heard numbers of 100 dB or more required for effective Tempest shielding, with Class B shielding (the higher grade FCC requirement) buying you 40-50 dB. See for example http://www.cabrac.com/RFI_EMI_Tempest.html

> I am sure that it would take little effort with a spectrum analyzer and some hand tools to defeat most of the EMI suppression in many monitors and whilst this would not be entirely legal under FCC rules (at least for a manufacturer or dealer) it probably would be closer to legal than deliberately creating RF interference with an intentionally radiating jammer.
>
> I imagine, however, that the usefulness of the RF radiated by a modern TFT flat panel display fed with DVI digital video is already much less as there is no serial stream of analog pixel by pixel video energy at any point in such an environment. Most TFTs do one entire row or column of the display at a time in parallel which does not yield an easily separated stream of individual pixel energy. Thus extracting anything resembling an image would seem very difficult.

The signal is still serialized in digital form at some point on a pixel by pixel basis. Because flat panels do not have the high-power sweep signals of CRT monitors, the overall shielding needed to meet Class B may be less. That might make life easier for attackers.

This does suggest one simple approach that might be useful for flat panels displaying sensitive text: choose foreground and background colors that have the same number of on and off bits in each color byte pair, e.g. foreground red and background red each have three bits on, both blues have four bits on, both greens have five bits on. That might make background and foreground more difficult to distinguish via RF radiation in an all digital system.

> So perhaps the era of the simplest to exploit TEMPEST threats is ending as both optical and RF TEMPEST is much easier with raster scan pixel at a time CRT displays than it is with modern more parallel flat panel display designs.

On the other hand, remember that the earliest Tempest systems were built using vacuum tu
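The equal-bit-count colour constraint sketched in Reinhold's reply, worked through as an added example (not code from the thread): it checks the property on an RGB pair and shows how much brightness contrast the constraint still leaves when each channel uses the lowest and highest byte values of the required weight. The channel order (red, green, blue) and the use of byte sum as a readability proxy are assumptions.

```python
def popcount(byte):
    """Number of 1-bits in an 8-bit colour channel value."""
    return bin(byte & 0xFF).count("1")

def same_weight(fg, bg):
    """True if every channel of fg carries the same number of 1-bits as the
    matching channel of bg, the property Reinhold's reply asks for."""
    return all(popcount(a) == popcount(b) for a, b in zip(fg, bg))

def extremes_for_weight(weight):
    """Lowest and highest 8-bit values with exactly `weight` bits set: the
    widest gap available in one channel while keeping the bit count fixed."""
    values = [v for v in range(256) if popcount(v) == weight]
    return values[0], values[-1]

def contrast_pair(weights=(3, 5, 4)):
    """Background and foreground RGB tuples built channel by channel from the
    per-channel bit counts. Default follows the reply: red 3, green 5, blue 4
    (assumed RGB order)."""
    lows, highs = zip(*(extremes_for_weight(w) for w in weights))
    return tuple(lows), tuple(highs)

def brightness_gap(bg, fg):
    """Difference of channel sums, a rough stand-in for visual contrast
    (maximum possible is 765 for black on white)."""
    return sum(fg) - sum(bg)
```

With the reply's weights the pair is (7, 31, 15) against (224, 248, 240), a gap of 659 out of 765, so the constraint costs little readability even if its RF benefit remains conjecture.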
Re: Active Countermeasures Against Tempest Attacks
At 10:46 PM -0800 3/7/03, Bill Frantz wrote:
> It has occurred to me that the cheapest form of protection from tempest attacks might be an active transmitter that swamps the signal from the computer. Such a transmitter would still be legal if its power output is kept within the FCC part 15 rules.
>
> Take, for example, the signal from a CRT monitor. The monitor signal consists of large signals which are the vertical and horizontal sync pulses, and smaller signals which are the levels of each of the phosphor guns.
>
> The simplest countermeasure would be random RF noise which is many orders of magnitude stronger than the signal from the monitor. However, with this system, the attacker can average many fields from the monitor and perhaps still recover the signal because any given pixel is the same, while the noise is random. (Or at least the pixels change slowly compared with the fields, giving lots of data to average.)
>
> The next more complex version sends the same random screen over and over in sync with the monitor. Even more complex versions change the random screen every-so-often to try to frustrate recovering the differences between screens of data on the monitor.
>
> Can such a device be built and still stay within the Part 15 rules?
>
> Cheers - Bill

Part 15 is pretty complex, but reading a summary at http://www.arrl.org/tis/info/part15.html suggests a number of problems. First there are dozens of bands where intentional radiators are not permitted to operate (15.205). Designing a noise source that avoided all these bands might be difficult. Second, the permitted signal levels associated with intentional radiators (15.209) are very similar to those permitted for unintentional radiators (15.109), including most consumer grade CRT monitors (Class B). Commercial monitors (Class A) are permitted higher levels of radiation, but I suspect most monitors made today are Class B. Now the radiation from a monitor is mostly sweep signals and the like, which carry no information. The signals that drive the CRT guns are much weaker. But I suspect you will need the noise to be much more powerful to obliterate the signal carrying data. The situation is even worse if the attacker suspects what the data may contain. He can then use correlation techniques to find the data well below the noise level.

I'd also point out that the noise source has to be co-located with the data signal. Otherwise, the attacker can use a directional antenna to capture the noise signal without the data signal, allowing it to be subtracted from the data+noise signal. Similarly, it will be vital to change the noise pattern whenever the content of the CRT changes, otherwise the attacker who had reason to suspect when the screen changed can subtract data1+noise from data2+noise to get data2-data1, which is likely to leak a lot of information.

I suspect it would be cheaper to shield the CRT or operate in a Faraday cage.

Arnold Reinhold
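A toy model of the two jammer variants Frantz proposes and the averaging and differencing objections Reinhold raises, added here as an illustration and not code from either poster. The one-line "screen" of on/off pixels, the Gaussian noise model, the 32-pixel and 8000-field sizes and the unit-pixel/10x-noise amplitudes are constructed assumptions; the receiver is assumed to align fields on the sync pulses, as the thread describes.

```python
import math
import random

PIXELS = 32      # one short scan line of a constructed test image
SIGMA = 10.0     # jammer noise amplitude; a pixel contributes 0 or 1

def pixel_row(seed):
    """Constructed screen content: a row of on/off pixels."""
    rng = random.Random(seed)
    return [float(rng.randint(0, 1)) for _ in range(PIXELS)]

def noise_screen(rng):
    """One field's worth of jammer noise, far stronger than the pixels."""
    return [rng.gauss(0.0, SIGMA) for _ in range(PIXELS)]

def observe(data, noise):
    """What a receiver sees for one field: pixel signal plus jammer."""
    return [d + n for d, n in zip(data, noise)]

def capture(data, n_fields, rng, fixed=None):
    """n_fields observations of unchanging content. fixed=None means the
    jammer radiates fresh noise every field; otherwise it replays `fixed`
    in step with the monitor (Frantz's 'same random screen' variant)."""
    return [observe(data, fixed if fixed is not None else noise_screen(rng))
            for _ in range(n_fields)]

def average(fields):
    """Field averaging after aligning on the sync pulses."""
    return [sum(col) / len(fields) for col in zip(*fields)]

def rms_error(estimate, truth):
    return math.sqrt(sum((e - t) ** 2 for e, t in zip(estimate, truth)) / len(truth))

def run(n_fields=8000, seed=1):
    """Compare the variants; returns RMS errors in units of one pixel."""
    rng = random.Random(seed)
    data1, data2 = pixel_row(seed), pixel_row(seed + 1)
    screen = noise_screen(rng)
    # Fresh noise: averaging shrinks it by sqrt(n_fields), content emerges.
    fresh = rms_error(average(capture(data1, n_fields, rng)), data1)
    # Replayed noise: averaging cannot remove it, the residual stays ~SIGMA.
    synced = rms_error(average(capture(data1, n_fields, rng, screen)), data1)
    # Replayed noise kept across a content change: one field of each is
    # enough to cancel the jammer exactly and expose data2 - data1.
    diff = [a - b for a, b in zip(observe(data2, screen), observe(data1, screen))]
    diff_err = rms_error(diff, [a - b for a, b in zip(data2, data1)])
    return {"fresh": fresh, "synced": synced, "diff": diff_err}
```

With the defaults the fresh-noise residual falls to roughly SIGMA / sqrt(8000), about 0.11 of a pixel, the replayed-noise residual stays near SIGMA, and the difference of two screens under the same replayed noise is exact, which is the data2-data1 leak Reinhold describes.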
Re: Active Countermeasures Against Tempest Attacks
On Fri, Mar 07, 2003 at 10:46:06PM -0800, Bill Frantz wrote:
>
> The next more complex version sends the same random screen over and over in
> sync with the monitor. Even more complex versions change the random screen
> every-so-often to try to frustrate recovering the differences between
> screens of data on the monitor.
>

Five or six years ago I floated the suggestion that one could do worse than phase lock all the video dot clock oscillators in a computer room or office to the same master timing source. This would make it significantly harder to recover one specific monitor's image by averaging techniques as the interference from nearby monitors would have exactly the same timing and would not average out as it does in the more typical case where each monitor is driven from a video board with a slightly different frequency dot clock (due to aging and manufacturing tolerances).

Modifying existing video boards to support such master timing references is possible, but not completely trivial - but would cost manufacturers very little if it was designed in in the first place.

And of course one could "improve" the shielding on the monitor with the dummy unimportant data so it radiated 10 or 20 dB more energy than the sensitive information monitor next to it. In many cases this might involve little more than scraping off some conductive paint or removing the ground on a cable shield.

I am sure that it would take little effort with a spectrum analyzer and some hand tools to defeat most of the EMI suppression in many monitors and whilst this would not be entirely legal under FCC rules (at least for a manufacturer or dealer) it probably would be closer to legal than deliberately creating RF interference with an intentionally radiating jammer.

I imagine, however, that the usefulness of the RF radiated by a modern TFT flat panel display fed with DVI digital video is already much less as there is no serial stream of analog pixel by pixel video energy at any point in such an environment. Most TFTs do one entire row or column of the display at a time in parallel which does not yield an easily separated stream of individual pixel energy. Thus extracting anything resembling an image would seem very difficult.

So perhaps the era of the simplest to exploit TEMPEST threats is ending as both optical and RF TEMPEST is much easier with raster scan pixel at a time CRT displays than it is with modern more parallel flat panel display designs.

--
Dave Emery N1PRE, [EMAIL PROTECTED]  DIE Consulting, Weston, Mass.
PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18