Home      Discussion      Topics      Dictionary      Almanac
Signup       Login
TEMPEST

TEMPEST

Discussion
Ask a question about 'TEMPEST'
Start a new discussion about 'TEMPEST'
Answer questions from other users
Full Discussion Forum
 
Encyclopedia
TEMPEST is a codename referring to investigations and studies of compromising emission (CE) (see Van Eck phreaking
Van Eck phreaking
Van Eck phreaking is the process of eavesdropping on the contents of a CRT- or LC-Display by detecting its electromagnetic emissions. It is named after Dutch computer researcher Wim van Eck, who in 1985 published the first paper on it, including proof of concept.Phreaking is the process of...

). Compromising emanations are defined as unintentional intelligence
Intelligence (information gathering)
Intelligence assessment is the development of forecasts of behaviour or recommended courses of action to the leadership of an organization, based on a wide range of available information sources both overt and covert. Assessments are developed in response to requirements declared by the leadership...

-bearing signals which, if intercepted and analyzed, may disclose the information transmitted, received, handled, or otherwise processed by any information-processing equipment. TEMPEST is a codename only and is not an acronym.

Compromising emanations consist of electrical
Electricity
Electricity is a general term encompassing a variety of phenomena resulting from the presence and flow of electric charge. These include many easily recognizable phenomena, such as lightning, static electricity, and the flow of electrical current in an electrical wire...

, mechanical
Mechanical energy
In physics, mechanical energy is the sum of potential energy and kinetic energy present in the components of a mechanical system. It is the energy associated with the motion and position of an object. The law of conservation of energy states that in an isolated system that is only subject to...

, or acoustical
Acoustics
Acoustics is the interdisciplinary science that deals with the study of all mechanical waves in gases, liquids, and solids including vibration, sound, ultrasound and infrasound. A scientist who works in the field of acoustics is an acoustician while someone working in the field of acoustics...

 energy intentionally or by mishap unintentionally emitted by any number of sources within equipment/systems which process national security
National security
National security is the requirement to maintain the survival of the state through the use of economic, diplomacy, power projection and political power. The concept developed mostly in the United States of America after World War II...

 information. This energy may relate to the original encrypted
Encryption
In cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...

 message, or information being processed, in such a way that it can lead to recovery of the plaintext
Plaintext
In cryptography, plaintext is information a sender wishes to transmit to a receiver. Cleartext is often used as a synonym. Before the computer era, plaintext most commonly meant message text in the language of the communicating parties....

. Laboratory and field tests have established that such CE can be propagated through space and along nearby conductors
Electrical conductor
In physics and electrical engineering, a conductor is a material which contains movable electric charges. In metallic conductors such as copper or aluminum, the movable charged particles are electrons...

. The interception/propagation ranges and analysis of such emanations are affected by a variety of factors, e.g., the functional design of the information processing equipment; system/equipment installation; and, environmental conditions related to physical security and ambient noise. The term "compromising emanations" rather than "radiation
Radiation
In physics, radiation is a process in which energetic particles or energetic waves travel through a medium or space. There are two distinct types of radiation; ionizing and non-ionizing...

" is used because the compromising signals can, and do, exist in several forms such as magnetic
Magnetic field
A magnetic field is a mathematical description of the magnetic influence of electric currents and magnetic materials. The magnetic field at any given point is specified by both a direction and a magnitude ; as such it is a vector field.Technically, a magnetic field is a pseudo vector;...

- and/or electric field
Electric field
In physics, an electric field surrounds electrically charged particles and time-varying magnetic fields. The electric field depicts the force exerted on other electrically charged objects by the electrically charged particle the field is surrounding...

 radiation, line conduction, or acoustic emissions.

The term TEMPEST is often used broadly for the entire field of Emission Security or Emanations Security (EMSEC). The term TEMPEST was coined in the late '60s and early '70s as a codename for the NSA operation to secure electronic communications equipment from potential eavesdroppers and vice versa the ability to intercept and interpret those signals from other sources.

The U.S. government has stated that the term TEMPEST is not an acronym and does not have any particular meaning, however various backronyms have been suggested, including "Transmitted Electro-Magnetic Pulse / Energy Standards & Testing"; "Telecommunications ElectroMagnetic Protection, Equipment, Standards & Techniques"; "Transient ElectroMagnetic Pulse Emanation STandard"; and "Telecommunications Electronics Material Protected from Emanating Spurious Transmissions"; or, jokingly (but just as factually as the other attempts), "Tiny ElectroMagnetic Particles Emitting Secret Things".

TEMPEST measurement standards


The US and NATO TEMPEST standards define three levels of protection requirements:
  • NATO SDIP-27 Level A (formerly AMSG 720B) and USA NSTISSAM Level I
"Compromising Emanations Laboratory Test Standard"
This is the strictest standard for devices that will be operated in NATO Zone 0 environments, where it is assumed that an attacker has almost immediate access (e.g. neighbour room, 1 m distance).
  • NATO SDIP-27 Level B (formerly AMSG 788A) and USA NSTISSAM Level II
"Laboratory Test Standard for Protected Facility Equipment"
This is a slightly relaxed standard for devices that are operated in NATO Zone 1 environments, where it is assumed that an attacker cannot get closer than about 20 m (or where building materials ensure an attenuation equivalent to the free-space attenuation of this distance).
  • NATO SDIP-27 Level C (formerly AMSG 784) and USA NSTISSAM Level III
"Laboratory Test Standard for Tactical Mobile Equipment/Systems"
An even more relaxed standard for devices operated in NATO Zone 2 environments, where attackers have to deal with about 100 m worth of free-space attenuation (or equivalent attenuation through building materials).


Additional standards include:
  • NATO SDIP-29 (formerly AMSG 719G)
"Installation of Electrical Equipment for the Processing of Classified Information"
This standard defines installation requirements, for example in respect to grounding and cable distances.
  • AMSG 799B
"NATO Zoning Procedures"
Defines an attenuation measurement procedure, according to which individual rooms within a security perimeter can be classified into Zone 0, Zone 1, Zone 2, or Zone 3, which then determines what shielding test standard is required for equipment that processes secret data in these rooms.


All these documents remain classified
Classified information
Classified information is sensitive information to which access is restricted by law or regulation to particular groups of persons. A formal security clearance is required to handle classified documents or access classified data. The clearance process requires a satisfactory background investigation...

 and no published information is available about the actual emission limits and detailed measurement procedures that they define. However, some very basic TEMPEST information has not been classified information in the United States
Classified information in the United States
The United States government classification system is currently established under Executive Order 13526, the latest in a long series of executive orders on the topic. Issued by President Barack Obama in 2009, Executive Order 13526 replaced earlier executive orders on the topic and modified the...

 since 1995. Short excerpts from the main U.S.
United States
The United States of America is a federal constitutional republic comprising fifty states and a federal district...

 TEMPEST test standard, NSTISSAM TEMPEST/1-92
NSTISSAM TEMPEST/1-92
NSTISSAM TEMPEST/1-92, sub-titled COMPROMISING EMANATIONS LABORATORY TEST REQUIREMENTS ELECTROMAGNETICS , is a reference document published as an NSTISSAM by the United States National Security Agency . The document was originally classified, but has been declassified with sensitive information...

, are now publicly available, but all the actual emanation limits and test procedures have been redacted
Sanitization (classified information)
Sanitization is the process of removing sensitive information from a document or other medium, so that it may be distributed to a broader audience. When dealing with classified information, sanitization attempts to reduce the document's classification level, possibly yielding an unclassified...

 from the published version. A redacted version of the introductory TEMPEST handbook NACSIM 5000 was publicly released in December 2000. Equally, the NATO standard SDIP-27 (before 2006 known as AMSG 720B, AMSG 788A, and AMSG 784) is still classified.

The US AIR FORCE has published a few mandatory standards regarding Emission Security:

TEMPEST certification


The information-security agencies of several NATO countries publish lists of accredited testing labs and of equipment that has passed these tests:

The United States Army
United States Army
The United States Army is the main branch of the United States Armed Forces responsible for land-based military operations. It is the largest and oldest established branch of the U.S. military, and is one of seven U.S. uniformed services...

 also has a TEMPEST testing facility, as part of the U.S. Army Information Systems Engineering Command, at Fort Huachuca
Fort Huachuca
Fort Huachuca is a United States Army installation under the command of the United States Army Installation Management Command. It is located in Cochise County, in southeast Arizona, about north of the border with Mexico. Beginning in 1913, for 20 years the fort was the base for the "Buffalo...

, Arizona
Arizona
Arizona ; is a state located in the southwestern region of the United States. It is also part of the western United States and the mountain west. The capital and largest city is Phoenix...

. Similar lists and facilities exist in other NATO countries.

TEMPEST certification must apply to entire systems, not just to individual components
Electronic component
An electronic component is a basic electronic element and may be available in a discrete form having two or more electrical terminals . These are intended to be connected together, usually by soldering to a printed circuit board, in order to create an electronic circuit with a particular function...

, since connecting a single unshielded
Shielded cable
A shielded or screened cable is an electrical cable of one or more insulated conductors enclosed by a common conductive layer. The shield may be composed of braided strands of copper , a non-braided spiral winding of copper tape, or a layer of conducting polymer. Usually, this shield is covered...

 component (such as a cable) to an otherwise secure system could dramatically alter the system RF characteristics.

RED/BLACK separation


TEMPEST standards require "RED/BLACK
RED/BLACK concept
The RED/BLACK concept refers to the careful segregation in cryptographic systems of signals that contain sensitive or classified plaintext information from those that carry encrypted information, or ciphertext ....

 separation", i.e. maintaining distance or installing shielding between circuits and equipment used to handle plaintext
Plaintext
In cryptography, plaintext is information a sender wishes to transmit to a receiver. Cleartext is often used as a synonym. Before the computer era, plaintext most commonly meant message text in the language of the communicating parties....

 classified or sensitive information (RED) and normal unsecured circuits and equipment (BLACK), the latter including those carrying encrypted signals. Manufacture of TEMPEST-approved equipment must be done under careful quality control to ensure that additional units are built exactly the same as the units that were tested. Changing even a single wire can invalidate the tests.

Correlated emanations


One aspect of TEMPEST testing that distinguishes it from limits on spurious emission
Spurious emission
A spurious emission is any radio frequency not deliberately created or transmitted, especially in a device which normally does create other frequencies...

s (e.g. FCC Part 15) is a requirement of absolute minimal correlation between radiated energy or detectable emissions and any plaintext data that are being processed.

Public research


In 1985, Wim van Eck
Van Eck phreaking
Van Eck phreaking is the process of eavesdropping on the contents of a CRT- or LC-Display by detecting its electromagnetic emissions. It is named after Dutch computer researcher Wim van Eck, who in 1985 published the first paper on it, including proof of concept.Phreaking is the process of...

 published the first unclassified technical analysis of the security risks of emanations from computer monitors. This paper caused some consternation in the security community, which had previously believed that such monitoring was a highly sophisticated attack available only to governments; van Eck successfully eavesdropped on a real system, at a range of hundreds of metre
Metre
The metre , symbol m, is the base unit of length in the International System of Units . Originally intended to be one ten-millionth of the distance from the Earth's equator to the North Pole , its definition has been periodically refined to reflect growing knowledge of metrology...

s, using just $15 worth of equipment plus a television
Television
Television is a telecommunication medium for transmitting and receiving moving images that can be monochrome or colored, with accompanying sound...

 set.

In consequence of this research such emanations are sometimes called "van Eck radiation", and the eavesdropping technique van Eck phreaking
Van Eck phreaking
Van Eck phreaking is the process of eavesdropping on the contents of a CRT- or LC-Display by detecting its electromagnetic emissions. It is named after Dutch computer researcher Wim van Eck, who in 1985 published the first paper on it, including proof of concept.Phreaking is the process of...

, although government researchers were already aware of the danger, as Bell Labs
Bell Labs
Bell Laboratories is the research and development subsidiary of the French-owned Alcatel-Lucent and previously of the American Telephone & Telegraph Company , half-owned through its Western Electric manufacturing subsidiary.Bell Laboratories operates its...

 noted this vulnerability to secure TTY
TTY
TTY may stand for:* Teleprinter or Teletypewriter or Teletype Printer, a typewriter paired with an electronic communication channel, used for telecommunications or as a computer terminal....

 communications during World War II
World War II
World War II, or the Second World War , was a global conflict lasting from 1939 to 1945, involving most of the world's nations—including all of the great powers—eventually forming two opposing military alliances: the Allies and the Axis...

 and was able to produce 75% of the plaintext being processed in a secure facility from a distance of 80 feet. Additionally the NSA published Tempest Fundamentals, NSA-82-89, NACSIM 5000, National Security Agency (Classified) on February 1, 1982. In addition, the van Eck technique was successfully demonstrated to non-TEMPEST personnel in Korea
Korea
Korea ) is an East Asian geographic region that is currently divided into two separate sovereign states — North Korea and South Korea. Located on the Korean Peninsula, Korea is bordered by the People's Republic of China to the northwest, Russia to the northeast, and is separated from Japan to the...

 during the Korean War
Korean War
The Korean War was a conventional war between South Korea, supported by the United Nations, and North Korea, supported by the People's Republic of China , with military material aid from the Soviet Union...

 in the 1950s
1950s
The 1950s or The Fifties was the decade that began on January 1, 1950 and ended on December 31, 1959. The decade was the sixth decade of the 20th century...

.

Markus Kuhn
Markus Kuhn
Markus G. Kuhn is a German computer scientist, currently teaching and researching at the University of Cambridge Computer Laboratory. A graduate of the University of Erlangen , he received his MSc at Purdue University and PhD at the University of Cambridge...

 has discovered several low-cost techniques for reducing the chances that emanations from computer displays can be monitored remotely. With CRT
Cathode ray tube
The cathode ray tube is a vacuum tube containing an electron gun and a fluorescent screen used to view images. It has a means to accelerate and deflect the electron beam onto the fluorescent screen to create the images. The image may represent electrical waveforms , pictures , radar targets and...

 displays and analogue
Analog signal
An analog or analogue signal is any continuous signal for which the time varying feature of the signal is a representation of some other time varying quantity, i.e., analogous to another time varying signal. It differs from a digital signal in terms of small fluctuations in the signal which are...

 video cables, filtering out high-frequency components from fonts
Typeface
In typography, a typeface is the artistic representation or interpretation of characters; it is the way the type looks. Each type is designed and there are thousands of different typefaces in existence, with new ones being developed constantly....

 before rendering them on a computer screen will attenuate the energy at which text characters are broadcast. With modern flat panel display
Flat panel display
Flat panel displays encompass a growing number of electronic visual display technologies. They are far lighter and thinner than traditional television sets and video displays that use cathode ray tubes , and are usually less than thick...

s, the high-speed digital serial interface (DVI
Digital Visual Interface
The Digital Visual Interface is a video interface standard covering the transmission of video between a source device and a display device. The DVI standard has achieved widespread acceptance in the PC industry, both in desktop PCs and monitors...

) cables from the graphics controller are a main source of compromising emanations. Adding random noise to the less significant bits
Least significant bit
In computing, the least significant bit is the bit position in a binary integer giving the units value, that is, determining whether the number is even or odd. The lsb is sometimes referred to as the right-most bit, due to the convention in positional notation of writing less significant digits...

 of pixel values may render the emanations from flat-panel displays unintelligible to eavesdroppers but is not a secure method. Since DVI uses a certain bit code scheme
8B/10B encoding
In telecommunications, 8b/10b is a line code that maps 8-bit symbols to 10-bit symbols to achieve DC-balance and bounded disparity, and yet provide enough state changes to allow reasonable clock recovery. This means that the difference between the count of 1s and 0s in a string of at least 20 bits...

 for trying to transport an evenly balanced signal of 0 and 1 bits there may not be much difference between two pixel colours that differ very much in their colour or intensity. It may also be that the generated emanations may differ totally even if only the last bit of a pixel's colour is changed. The signal received by the eavesdropper does also depend on the frequency where the emanations are detected. The signal can be received on many frequencies at once and each frequency's signal differs in contrast
Contrast (vision)
Contrast is the difference in visual properties that makes an object distinguishable from other objects and the background. In visual perception of the real world, contrast is determined by the difference in the color and brightness of the object and other objects within the same field of view...

 and brightness
Brightness
Brightness is an attribute of visual perception in which a source appears to be radiating or reflecting light. In other words, brightness is the perception elicited by the luminance of a visual target...

 related to a certain colour on the screen. Usually, the technique of smothering the RED signal with noise is not effective unless the power of the noise is sufficient to drive the eavesdropper's receiver into saturation
Saturation (telecommunications)
In telecommunications, the term saturation has the following meanings:*In a communications system, the condition at which a component of the system has reached its maximum traffic-handling capacity...

 and thus overwhelming the receiver input.

LED
Light-emitting diode
A light-emitting diode is a semiconductor light source. LEDs are used as indicator lamps in many devices and are increasingly used for other lighting...

 indicators on computer equipment can be a source of compromising optical emanations. One such technique involves the monitoring of the lights on a network switch
Network switch
A network switch or switching hub is a computer networking device that connects network segments.The term commonly refers to a multi-port network bridge that processes and routes data at the data link layer of the OSI model...

. Almost all network switches flash to show activity, and it is normal for the flashes to be directly taken from the data line. As such, a fast optical system can easily see the changes in the flickers from the data being transmitted down the wire.

Further, recent research has shown it is possible to detect the radiation corresponding to a keypress event from not only wireless
Wireless
Wireless telecommunications is the transfer of information between two or more points that are not physically connected. Distances can be short, such as a few meters for television remote control, or as far as thousands or even millions of kilometers for deep-space radio communications...

 (radio) keyboards, but also from traditional wired keyboards, and even from laptop keyboards.

See also

  • Computer surveillance
    Computer surveillance
    Computer surveillance is the act of performing surveillance of computer activity, and of data stored on a hard drive or being transferred over the Internet....

  • Computer insecurity
    Computer insecurity
    Computer insecurity refers to the concept that a computer system is always vulnerable to attack, and that this fact creates a constant battle between those looking to improve security, and those looking to circumvent security.-Security and systems design:...

  • ECHELON
    ECHELON
    ECHELON is a name used in global media and in popular culture to describe a signals intelligence collection and analysis network operated on behalf of the five signatory states to the UK–USA Security Agreement...

  • Side channel attack
    Side channel attack
    In cryptography, a side channel attack is any attack based on information gained from the physical implementation of a cryptosystem, rather than brute force or theoretical weaknesses in the algorithms...


External links