
Soft Tempest: Hidden Data Transmission Using Electromagnetic Emanations

Markus G. Kuhn* and Ross J. Anderson
University of Cambridge, Computer Laboratory, New Museums Site, Pembroke Street, Cambridge CB2 3QG, United Kingdom
{mgk25,rja14}@cl.cam.ac.uk

Abstract. It is well known that eavesdroppers can reconstruct video screen content from radio frequency emanations. We discuss techniques that enable the software on a computer to control the electromagnetic radiation it transmits. This can be used for both attack and defence. To attack a system, malicious code can encode stolen information in the machine's RF emissions and optimise them for some combination of reception range, receiver cost and covertness. To defend a system, a trusted screen driver can display sensitive information using fonts which minimise the energy of these emissions. There is also an interesting potential application to software copyright protection.

1 Introduction

It has been known to military organizations since at least the early 1960s that computers generate electromagnetic radiation which not only interferes with radio reception, but also leaks information about the data being processed. Known as compromising emanations or Tempest radiation, a code word for a U.S. government programme aimed at attacking the problem, the electromagnetic broadcast of data has been a significant concern in sensitive computer applications.

In his book 'Spycatcher' [1], former MI5 scientist Peter Wright recounts the origin of Tempest attacks on cipher machines. In 1960, Britain was negotiating to join the European Economic Community, and the Prime Minister was worried that French president De Gaulle would block Britain's entry. He therefore asked the intelligence community to determine the French negotiating position. They tried to break the French diplomatic cipher and failed. However, Wright and his assistant Tony Sale noticed that the enciphered traffic carried a faint secondary signal, and constructed equipment to recover it.
It turned out to be the plaintext, which somehow leaked through the cipher machine.

Sensitive government systems today employ expensive metallic shielding of individual devices, rooms and sometimes entire buildings [2]. Even inside shielded environments, the 'red/black' separation principle has to be followed: 'red' equipment carrying confidential data (such as computer terminals) has to be isolated by filters and shields from 'black' equipment (such as radio modems) that handles or transmits unclassified data. Equipment with both 'red' and 'black' connections, such as cipher machines and multilevel secure workstations, requires particularly thorough testing. The U.S. standard NACSIM 5100A that specifies the test requirements for Tempest protected equipment, and its NATO equivalent AMSG 720B, are classified documents [3–5]. In Germany, even the names of the government standards on compromising radiation are kept secret.

So we lack full information about the measurement technology required for Tempest tests, but descriptions in published patents [6, 7] suggest that the tools employed are orders of magnitude more sensitive than the spectrum analysers used in standard electromagnetic compatibility (EMC) and radio frequency interference (RFI) testing. Some tests involve long-term cross-correlation measurements between signals measured directly inside the target system and the noisy and distorted signals received from external sources including not just antennas but also power and ground lines, peripherals and network cables. Even microphones can be suitable sensors, especially to test noisy equipment like line printers.

* Supported by a European Commission Marie Curie training grant

David Aucsmith (Ed.): Information Hiding 1998, LNCS 1525, pp. 124–142, 1998. © Springer-Verlag Berlin Heidelberg 1998
By averaging correlation values over millions of samples, even very weak traces of the processed information can be identified in electric, electromagnetic and acoustic emanations.

When conducting attacks, similar periodic averaging and cross-correlation techniques can be used if the signal is periodic or if its structure is understood. Video display units output their frame buffer content periodically to a monitor and are therefore a target, especially where the video signal is amplified to several hundred volts. Knowledge of the fonts used with video displays and printers allows maximum likelihood character recognition techniques to give a better signal/noise ratio for whole characters than is possible for individual pixels. Malicious software implanted by an attacker can also generate periodic or pseudorandom signals that are easy to detect.

Similar techniques can be applied when snooping on CPUs that execute known algorithms. Even if signals caused by single instructions are lost in the noise, correlation techniques can be used to spot the execution of a known pattern of instructions. Bovenlander reports identifying when a smartcard performs a DES encryption by monitoring its power consumption for a pattern repeated sixteen times, once per DES round [8]. Several attacks become possible if one can detect in the power consumption that the smartcard processor is about to write into EEPROM. For example, one can try a PIN, deduce that it was incorrect from the power consumption, and issue a reset before the non-volatile PIN retry counter is updated. In this way, the PIN retry limit may be defeated.

Electromagnetic radiation as a computer security risk was mentioned in the open literature as early as 1967 [9].
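The periodic averaging and cross-correlation techniques described above, as an added illustration that is not code from the paper: every signal here is constructed with a fixed seed, and the pattern length, amplitudes, noise levels and frame count are assumptions chosen for the demonstration. The first part buries a known 128-sample pattern, standing in for one scan line of known screen content, well below Gaussian noise and recovers it by averaging 4000 periods; the second slides the same pattern over a synthetic trace standing in for a smartcard power measurement and counts the sixteen round-like repetitions.

```python
"""Periodic averaging and sliding cross-correlation on synthetic emanations.

Added example, not from the paper.  All signals below are constructed;
the amplitudes, noise levels and frame counts are assumptions.
"""
import math
import random


def make_template(length, seed=1):
    """A +-1 pseudo-random pattern standing in for a known signal shape
    (one scan line of a known font, or one DES round's power signature).
    Constructed data, not a measured emanation."""
    rng = random.Random(seed)
    return [rng.choice((-1.0, 1.0)) for _ in range(length)]


def normalized_correlation(a, b):
    """Pearson correlation coefficient of two equal-length sequences."""
    n = len(a)
    mean_a = sum(a) / n
    mean_b = sum(b) / n
    cov = sum((x - mean_a) * (y - mean_b) for x, y in zip(a, b))
    var_a = sum((x - mean_a) ** 2 for x in a)
    var_b = sum((y - mean_b) ** 2 for y in b)
    if var_a == 0 or var_b == 0:
        return 0.0
    return cov / math.sqrt(var_a * var_b)


def noisy_frames(template, amplitude, noise_sigma, count, seed=2):
    """Simulate `count` periods (frames) of `template` at `amplitude`,
    each buried in independent Gaussian noise of std `noise_sigma`."""
    rng = random.Random(seed)
    return [[amplitude * t + rng.gauss(0.0, noise_sigma) for t in template]
            for _ in range(count)]


def periodic_average(frames):
    """Average the frames sample by sample: the signal adds coherently,
    the noise incoherently, so the SNR grows by sqrt(len(frames))."""
    n = len(frames)
    return [sum(col) / n for col in zip(*frames)]


def recover_periodic(template, amplitude=0.05, noise_sigma=1.0, count=4000):
    """Return (correlation of one raw frame, correlation after averaging)."""
    frames = noisy_frames(template, amplitude, noise_sigma, count)
    single = normalized_correlation(frames[0], template)
    averaged = normalized_correlation(periodic_average(frames), template)
    return single, averaged


def locate_pattern(trace, template, threshold=0.5):
    """Slide `template` over `trace` and return the start indices whose
    normalized correlation exceeds `threshold`.  After a hit, skip one
    template length so each occurrence is counted once."""
    hits = []
    i = 0
    m = len(template)
    while i + m <= len(trace):
        if normalized_correlation(trace[i:i + m], template) > threshold:
            hits.append(i)
            i += m
        else:
            i += 1
    return hits


def des_like_trace(round_template, rounds=16, gap=32, noise_sigma=0.5, seed=3):
    """Constructed stand-in for a power trace: `rounds` copies of
    `round_template` separated by `gap` idle samples, plus Gaussian noise."""
    rng = random.Random(seed)
    clean = []
    for _ in range(rounds):
        clean.extend([0.0] * gap)
        clean.extend(round_template)
    clean.extend([0.0] * gap)
    return [x + rng.gauss(0.0, noise_sigma) for x in clean]


if __name__ == "__main__":
    tpl = make_template(128)
    single, averaged = recover_periodic(tpl)
    print(f"one frame: r={single:.2f}; after averaging 4000 frames: r={averaged:.2f}")
    rounds = locate_pattern(des_like_trace(tpl), tpl)
    print(f"round pattern found {len(rounds)} times, first at {rounds[:3]}")
```

In the first part the signal amplitude is one twentieth of the noise standard deviation, so a single frame correlates with the template at roughly the level of chance; after 4000 frames the noise standard deviation has fallen by a factor of sqrt(4000) and the averaged frame correlates at about 0.95. The second part relies on the same matched-filter idea without averaging, because each round of the synthetic trace is already above the noise; the threshold of 0.5 separates exact alignments from the partial overlaps and idle gaps, which correlate at only a few hundredths either way.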
One of the first more detailed public descriptions of the Tempest threat appears to have been a 1983 report in Swedish [10], but the problem was brought to general attention by a 1985 paper [11] in which van Eck demonstrated that the screen content of a video display unit could be reconstructed at a distance using low-cost home built equipment—a TV set whose sync pulse generators were replaced by manually controlled oscillators. His results were later confirmed by Möller, Bernstein and Kolberg, who also discuss various shielding techniques [12].

Smulders later showed that even shielded RS-232 cables can often be eavesdropped at a distance [13]. Connection cables form resonant circuits consisting of the inductance of the cable and the capacitance between the device and ground; these are excited by the high-frequency components in

