Jump to content

Tempest (codename)

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 84.136.168.231 (talk) at 22:43, 18 May 2006 (External links: added information site ziviltempest.de). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

For other uses, see Tempest.

TEMPEST is a U.S. government codename for a set of standards for limiting electric or electromagnetic radiation emanations from electronic equipment such as microchips, monitors, or printers. It is a counter-intelligence measure aimed at the prevention of electronic espionage. The term TEMPEST is often used more broadly for the entire field of compromising emanations or Emissions Security (EMSEC).

Basic TEMPEST information has not been classified since 1995. Although short excerpts from the main U.S. TEMPEST standard, NSTISSAM TEMPEST/1-92, are now publicly available, all the actual emission limits and test procedures defined in it remain classified and have been redacted from the published version. The NATO equivalent AMSG 720B is also still classified. The NSA publishes lists of labs approved for TEMPEST testing and equipment that has been certified. The United States Army has a TEMPEST testing facility, as part of the U.S. Army Information Systems Engineering Command, at Fort Huachuca, Arizona. Similar lists and facilities exist in other NATO countries.

TEMPEST certification must apply to entire systems, not just to individual components, since connecting a single unshielded component (such as a cable) to an otherwise secure system could easily make it radiate dramatically more RF signal. This means that users who must specify TEMPEST certification could pay much higher prices, for obsolete hardware, and be severely limited in the flexibility of configuration choices available to them. A less-costly approach is to place the equipment in a fully shielded room.

Two related areas of emissions security, code named NONSTOP and HIJACK, remain classified. NONSTOP is thought to involve potential compromising emissions from electronic systems when they are inadvertently irradiated by other radio signals, including ordinary cell phones. HIJACK may refer to active attacks of this nature.

TEMPEST standards require "RED/BLACK separation", i.e. maintaining distance or installing shielding between circuits and equipment used to handle classified or sensitive information (red) and normal unsecured circuits and equipment (black), the latter including those carrying encrypted signals. Manufacture of TEMPEST-approved equipment must be done under careful quality control to ensure that additional units are built exactly the same as the units that were tested. Changing even a single wire can invalidate the tests.

One aspect of TEMPEST testing that distinguishes it from limits on spurious emissions (e.g. FCC Part 15) is a requirement of absolute minimal correlation between radiated energy or detectable emissions and any plain text data that are being processed. It would stand to reason that this requirement holds in some form for other types of data as well.

Public research

In 1985, Wim van Eck published the first unclassified technical analysis of the security risks of emanations from computer monitors. This paper caused some consternation in the security community, which had previously believed that such monitoring was a highly sophisticated attack available only to governments; van Eck successfully eavesdropped on a real system, at a range of hundreds of metres, using just $15 worth of equipment plus a television set. In consequence of this research such emanations are sometimes called "van Eck radiation", and the eavesdropping technique Van Eck phreaking, although it is realised that an unknown government researcher had discovered it long before. This technique is used as a plot point in Neal Stephenson's novel Cryptonomicon.

Markus Kuhn discovered several low-cost software techniques for reducing the chances that emanations from computer displays can be monitored remotely. With CRT displays and analogue video cables, filtering out high-frequency components from fonts before rendering them on a computer screen will attenuate the energy at which text characters are broadcast. With modern flat-panel displays, the high-speed digital serial interface (DVI) cables from the graphics controller are a main source of compromising emanations. Adding random noise to the less significant bits of pixel values may render the emanations from flat-panel displays unintelligible to eavesdroppers but is no secure method. Since DVI uses a certain bit code scheme for trying to transport an evenly balanced signal of 0 and 1 bits there may not be much difference between two pixel colours that differ very much in their colour or intensity. It may also be that the generated emanations mey differ totally even if only the last bit of a pixel's colour is changed. The signal received by the eavesdropper does also depend on the frequency where he detects the emanations. The signal can be received on many frequencies at once and each frequency's signal differs in contrast and brightness related to a certain colour on the screen. One should not rely on adding noise but make use of so called tempestation of the equipment. There are few companies where such equipment may be bought or standard equipment be modified to confirm standards like NATO's AMSG 720B, 788 or 784.

See also

Retrieved from "https://en.wikipedia.org/enwiki/w/index.php?title=Tempest_(codename)&oldid=53936643"