TEMPEST In A Software Defined Radio

In 1985, [Wim van Eck] published several technical reports on obtaining information the electromagnetic emissions of computer systems. In one analysis, [van Eck] reliably obtained data from a computer system over hundreds of meters using just a handful of components and a TV set. There were obvious security implications, and now computer systems handling highly classified data are TEMPEST shielded – an NSA specification for protection from this van Eck phreaking.

Methods of van Eck phreaking are as numerous as they are awesome. [Craig Ramsay] at Fox It has demonstrated a new method of this interesting side-channel analysis using readily available hardware (PDF warning) that includes the ubiquitous RTL-SDR USB dongle.

The experimental setup for this research involved implementing AES encryption on two FPGA boards, a SmartFusion 2 SOC and a Xilinx Pynq board. After signaling the board to run its encryption routine, analog measurement was performed on various SDRs, recorded, processed, and each byte of the key recovered.

The results from different tests show the AES key can be extracted reliably in any environment, provided the antenna is in direct contact with the device under test. Using an improvised Faraday cage constructed out of mylar space blankets, the key can be reliably extracted at a distance of 30 centimeters. In an anechoic chamber, the key can be extracted over a distance of one meter. While this is a proof of concept, if this attack requires direct, physical access to the device, the attacker is an idiot for using this method; physical access is root access.

However, this is a novel use of software defined radio. As far as the experiment itself is concerned, the same result could be obtained much more quickly with a more relevant side-channel analysis device. The ChipWhisperer, for example, can extract AES keys using power signal analysis. The ChipWhisperer does require a direct, physical access to a device, but if the alternative doesn’t work beyond one meter that shouldn’t be a problem.

12 thoughts on “TEMPEST In A Software Defined Radio

  1. I think there is a difference between 1m proximity to a device, vs enough access to hook in to the power lines of the device.

    One might be done under the nose of someone, while the other would not be possible without invoking suspicion!

  2. ” The ChipWhisperer, for example, can extract AES keys using power signal analysis.”

    I imagine power feeds are suitably isolated as well in high security areas.

    “In 1985, [Wim van Eck] published several technical reports on obtaining information the electromagnetic emissions of computer systems.”

    I would think that big windowless NSA building* would go further back than 1985.

    *The one that’s one big Faraday cage.

    1. Are you picturing someone splicing wires under a desk in the middle of a work day? I would imagine something more along the lines of a janitor (or someone pretending to be one) swapping out a power strip or a UPS with one of the same model in the middle of the night.

    2. Indeed, information security is a multilevel requirement. Successful security is a continuous process including vetting of personnel, continuing education and awaress training, physical security, and penetration testing.

      I can’t speak for the way it is now, but I worked in a US seccurity oriented agency in the 1970s where TEMPEST was a well understood risk and part of daily secuity practice. Unintentional conducted and radiated plain text from equipment was understood and measures were taken to engineer out emissions and to prevent compromise modification of equipment by outside actors to cause intentional emissions. TEMPEST awareness goes back to at least the early 1960s when the US found the then Soviet Union was tapping encrypted data circuits and power lines outside US facilities. It was then discovered the Soviets realized that emissions correlated to plain text were getting a free ride out on circuits thought to be secure.

      The US carried out a most daring and successful TEMPEST intercept by inductively tapping an undersea communication cable of the Soviet Union in Operation Ivy Bells. Ivy Bells was brought to an end only when the Soviets found out via a compromised US government employee. The rather large captured Ivy Bells intercept device is now on display at a Russian museum. There are several web sites related to the Ivy Bells story. The take-away is that security through obsurity does not work and also that people are almost always the wakest element of any security scenario.

    3. If power analysis is a known vulnerability, I would expect the big boys to run countermeasures.

      e.g. Run AES on boring newspaper articles, do pointless calculations at random intervals, or even better – design an algorithm that draws constant power regardless of workload.

      1. Simply run a bunch of operations on the same power bus. 379 PCs doing reports on why the TPS report covers are the wrong color will mask one other machine doing something useful.

  3. As a proof of concept demonstration capturing an encryption key sounds a bit over complicated. I would be interested to know at what distance they could figure out plain keystrokes on a PC or maybe spy on what’s going on inside of common office applications such as Microsoft Word.

  4. Shielding similar measures seem to be costly overkill. Wouldn’t it simply be easier to jam these weak signals with much more powerful ones. You could even create ones that have bogus data to further confuse and confound.

    Remember, in WWII when we wanted the Germans to believe that Normandy would be a feint, that the real landing would be in Calais, we didn’t just hide the real plans we fed them information that suggested Calais.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.