TEMPEST
|
TEMPEST is a U.S. government code word for a set of standards for limiting electric or electromagnetic radiation emanations from electronic equipment such as microchips, monitors, or printers. It is a counter-intelligence measure aimed at the prevention of electronic espionage. The term TEMPEST is often used more broadly for the entire field of compromising emanations or Emissions Security (EMSEC).
Basic TEMPEST information has not been classified since 1995. Although short excerpts from the main U.S. TEMPEST standard, NSTISSAM TEMPEST/1-92, are now publicly available, all the actual emission limits and test procedures defined in it remain classified and have been redacted from the published version. The NATO equivalent AMSG 720B is also still classified. The NSA publishes lists of labs approved for TEMPEST testing and equipment that has been certified. The United States Army has a TEMPEST testing facility, as part of the U.S. Army Information Systems Engineering Command, at Fort Huachuca, Arizona. Similar lists and facilities exist in other NATO countries.
TEMPEST certification must apply to entire systems, not just to individual components, since connecting a single unshielded component (such as a cable) to an otherwise secure system could easily make it radiate dramatically more RF signal. This means that users who must specify TEMPEST certification will pay much higher prices, for obsolete hardware, and be severely limited in the flexibility of configuration choices available to them.
Two related areas of emissions security, code named NONSTOP and HIJACK, remain classified. NONSTOP is thought to involve potential compromising emissions from electronic systems when they are inadvertently irradiated by other radio signals, including ordinary cell phones. HIJACK may refer to active attacks of this nature.
TEMPEST standards require "RED/BLACK separation", i.e. maintaining distance or installing shielding between circuits and equipment used to handle classified or sensitive information (red) and normal unsecured circuits and equipment (black), the latter including those carrying encrypted signals. Manufacture of TEMPEST-approved equipment must be done under careful quality control to ensure that additional units are built exactly the same as the units that were tested. Changing even a single wire can invalidate the tests.
One aspect of TEMPEST testing that distinguishes it from limits on spurious emissions (e.g. FCC Part 15) is a requirement of absolute minimal correlation between radiated energy or detectable emissions and any plain text data that are being processed. It would stand to reason that this requirement holds in some form for other types of data as well.
Public research
In 1985, Wim van Eck published the first unclassified technical analysis of the security risks of emanations from computer monitors. This paper caused some consternation in the security community, which had previously believed that such monitoring was a highly sophisticated attack available only to governments; van Eck successfully eavesdropped on a real system, at a range of hundreds of metres, using just $15 worth of equipment plus a television set. In consequence of this research such emanations are sometimes called "van Eck radiation", and the eavesdropping technique "van Eck phreaking", although it is realised that an unknown government researcher had discovered it long before.
Markus Kuhn discovered several low-cost software techniques for reducing the chances that emanations from computer displays can be monitored remotely. With CRT displays and analogue video cables, filtering out high-frequency components from fonts before rendering them on a computer screen will attenuate the energy at which text characters are broadcast. With modern flat-panel displays, the high-speed digital serial interface (DVI) cables from the graphics controller are a main source of compromising emanations. Adding random noise to the less significant bits of pixel values can render the emanations from flat-panel displays unintelligible to eavesdroppers.
See also
External links
- NSA TEMPEST endorsement program (http://www.nsa.gov/ia/industry/tempest.cfm)
- The Complete, Unofficial Tempest Information Page (http://www.eskimo.com/~joelm/tempest.html)
- van Eck-style Radiation Interception Experiments (http://www.trilightzone.org/gbppr/mil/vaneck/index.html)
- Kaiser RAS-515A Raster Analysis System (http://www.martykaiser.com/ras515a.htm)
- TEMPEST 101 by James M. Atkinson (http://www.tscm.com/TSCM101tempest.html)
- Electromagnetic Eavesdropping Risks of Flat-Panel Displays (http://www.cl.cam.ac.uk/~mgk25/pet2004-fpd.pdf)
- Compromising emanations: eavesdropping risks of computer displays (http://www.cl.cam.ac.uk/TechReports/UCAM-CL-TR-577.html)
- Tempest for Eliza (http://www.erikyyy.de/tempest/) -- a program that uses your computer monitor to send out AM radio signals. You can then hear computer generated music in your radio.de:TEMPEST