Tempest (alias)

Tempest ( German literally "storm" ) was originally the English code name for an electromagnetic listening method . The meaning has now been reversed and this term has become the “ seal of approval ” for protection against precisely this type of attack .

method

131B2 cryptological mixer , as used in the United States during World War II to encrypt military telex communications . This was the first time that American scientists discovered the possibility of eavesdropping using electromagnetic interference.

After the effect of the unintentional emission of electromagnetic waves by electronic devices was discovered by American cryptologists during the Second World War when they were investigating their own key machine , the Sigtot , the method of inferring news content from it was used by secret services such as the Cold War era National Security Agency (NSA) technically refined and used clandestinely . Since 1985 she became publicly known under the name Van-Eck-Phreaking . In cryptology , there is also the term side channel attack for this .

The is radiated interference , for example by computer - screens ( monitors ), exploited this at some distance obscured received , and used the collected signals to reveal in a data content zurückzuschließen. In the best case scenario, an attacker succeeds unnoticed in reconstructing the entire screen content.

Defense measures

A basic defense measure is the shielding of individual assemblies , the devices or, in extreme cases, the entire system. A particularly rigid measure is the placement of sensitive electronics within a Faraday cage , that is, a metallic conductive envelope. As a result, the interfering radiation is “kept in the cage” and cannot penetrate outside. Such rooms exist, for example, within military command centers or in embassy buildings .

Certification

In the meantime the original meaning has been reversed and the NSA no longer describes the now publicly known espionage method, but, on the contrary, defensive measures against precisely this possibility of attack. She coined the term Certified TEMPEST Test Services Program (CTTSP) for the certified security of devices against eavesdropping measures of this kind . The so-called TEMPEST Certification certifies the protection of devices against such eavesdropping methods.

Web links

TEMPEST at NSA.gov (English)
Complete Unofficial TEMPEST Information Page at Archive.org (English)
Tempest - A Signal Problem at NSA.gov (English)
Hacker demonstrates Van Eck phreaking despite HDMI at Heise.de

Individual evidence

↑ Van-Eck-Phreaking - Electronic (economic) espionage. at Risknet.de , accessed on August 14, 2019.
↑ TEMPEST at NSA.gov (English), accessed on August 14, 2019.

[1] Van-Eck-Phreaking - Electronic (economic) espionage. at Risknet.de , accessed on August 14, 2019.

[2] TEMPEST at NSA.gov (English), accessed on August 14, 2019.