Presentation is loading. Please wait.

Presentation is loading. Please wait.

BY: NICK DOWNER TEMPEST EMISSIONS. OVERVIEW What are tempest emissions? Detecting tempest emissions Security concerns How to protect against leakage.

Published byBerniece Ball Modified over 8 years ago

Similar presentations

Presentation on theme: "BY: NICK DOWNER TEMPEST EMISSIONS. OVERVIEW What are tempest emissions? Detecting tempest emissions Security concerns How to protect against leakage."— Presentation transcript:

1 BY: NICK DOWNER TEMPEST EMISSIONS

2 OVERVIEW What are tempest emissions? Detecting tempest emissions Security concerns How to protect against leakage

3 WHAT IS TEMPEST? “TEMPEST is the name of a technology involving the monitoring (and shielding) of devices that emit electromagnetic radiation (EMR) in a manner that can be used to reconstruct intelligible data.” -sans reading room

4 WHAT ARE LEAKAGES OR “EMANATIONS” Every electronic device gives off some type of electromagnetic signal, or “emanations” A proper design will limit these emanations but there will always be some level of leakage Like crosstalk on phone lines Examples Shaver Radio’s from cellphones Hard Drives (like a fingerprint)

5 THE EARLY YEARS OF TEMPEST The name TEMPEST has no definite meaning… Early government code word Telecommunications Electronics Material Protected from Emancipating Spurious Transmissions Transient Electromagnetic Pulse Emanation STandard Also referred to as “Van Eck Phreaking” after the Dutch scientist Wim can Eck

6 THE EARLY PROOF Wim can Eck demonstrated that he could easily pick up nearby computer monitor emissions and display them on a TV monitor Used a normal TV receiver made suitable for the purpose of capturing the emissions Was able to display video from a computer monitor on a separate TV monitor May be feasible up to 1km

7 THE EARLY PROOF In his 1986 book, Peter Wright explains how MI5 spied on messages sent by the French during England’s negotiations to join the European Economic Community (EEG) They were interested in what the French thought of England entering the EEG MI5 tried to break the French diplomatic cypher but failed However, they noticed the encipher traffic carried a faint secondary signal, and constructed equipment to recover it It turned out to be plaintext

8 DETECTING TEMPEST TEMPEST eavesdropping reconstructs the electromagnetic signals put off by electronics Equipment needed Sensitive receivers are used which can capture a wide range of frequencies Software to turn the raw findings into the original data Problems that can occur Can contain other EMR/interference from outside sources

9 TEMPEST TESTING EQUIPMENT Codex Data Systems Produces a device called D.I.R.T (Data Interception by Remote Transmission) The army buys the $20,000 units but the company agreed to a Pentagon request to halt sales to anyone else Allows stealth monitoring of all activity on one or more target computers No physical access is necessary

10 IMPACTS OF TEMPEST Loss of Integrity Confidentiality Availability Reduces effectiveness of encryption Can mirror screen

11 TEMPEST STANDARDS National Communications Security Committee Directive 4 sets TEMPEST standards Very costly and classified Private sector started ZONE More cost effective but less secure 3 categories 1 is extremely secure and only available to US government 2 is somewhat less secure but still requires US government approval to use 3 is for general commercial use

12 HOW TO PROTECT Covering the device/cabling in a faraday cage Buy a TEMPEST certified computer Purchase equipment that meets modern standards for emission Use only shielded cable for all system interconnections Keep cable runs as short as possible Encrypt all information being sent and received from the device

13 TEMPEST….FACT OR FICTION James Atkinson a telecommunications engineer, president of Granite Island Group has worked with TEMPEST for 20 years Claims TEMPEST is not a spying technology and anyone who says it is is misinformed or lying Claims todays PC’s are shielded to prevent leakage and disturbing other connections Says taking a peek at someone else's computer screen from a distance is possible, but its very difficult to do, costly, and often impractical

14 MORE EVIDENCE Wayne Madsen from the Electronic Privacy Information Center claims Todays computers are unlike that of the old cathode-ray tube days They’re more ruggedized and heavily shielded so these emissions are a lot harder to pick up/detect TEMPEST isn’t as big of a problem as it once was, but engineers hype the problem

15 EVIDENCE John Young a New York architect says he often designs TEMPEST security features into buildings for law firms and banks He has an interest in tempest and has filed several freedom of information requests with the US government to declassify NSA documents dealing with TEMPEST.

16 WHAT DOES ALL THIS MEAN? There is debate among professionals as to the severity of TEMPEST emanations Not much is known since most TEMPEST material is classified by the government

17 SO WHAT CAN WE DO Use common sense with encryption Keep cable runs short Buy highly insulated cables

18 QUESTIONS? Any Questions?

19 RESOURCES http://www.sans.org/reading_room/whitepapers/pri vacy/introduction-tempest_981 http://cryptome.org/tempest-fret.htm http://users.telenet.be/ws36178/security/topsecret/t empest.html http://www.wired.com/threatlevel/2008/04/nsa- releases-se/

Download ppt "BY: NICK DOWNER TEMPEST EMISSIONS. OVERVIEW What are tempest emissions? Detecting tempest emissions Security concerns How to protect against leakage."

Similar presentations

IT: Communication and Impacts

IT: Communication and Impacts
Telecommunications & Networking

Telecommunications & Networking
Tempest Emanations Jacklyn Truong University of Tulsa April 16, 2013.

Tempest Emanations Jacklyn Truong University of Tulsa April 16, 2013.
CSE331: Introduction to Networks and Security Lecture 34 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 34 Fall 2002.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Direct Attacks on Computational Devices

Direct Attacks on Computational Devices
Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.

Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
TRANSEC/EMSEC/ TEMPEST Artur Zak CS 996 – Information Security Management March 30, 2005.

TRANSEC/EMSEC/ TEMPEST Artur Zak CS 996 – Information Security Management March 30, 2005.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Wireless Security.

Wireless Security.
Bluetooth What is it and where is it going?. Background…..   Conceived initially by Ericsson, before being adopted by a myriad of other companies, Bluetooth.

Bluetooth What is it and where is it going?. Background…..   Conceived initially by Ericsson, before being adopted by a myriad of other companies, Bluetooth.
Principles of Information Technology

Principles of Information Technology
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.
1 E-Commerce Introduction Professor Joshua Livnat, Ph.D., CPA 311 Tisch Hall New York University 40 W. 4th St. NY NY 10012 Tel. (212) 998-0022 Fax (212)

1 E-Commerce Introduction Professor Joshua Livnat, Ph.D., CPA 311 Tisch Hall New York University 40 W. 4th St. NY NY Tel. (212) Fax (212)
Chapter 15 Emission Security. Introduction Emissions Security (Emsec) Tempest defenses Stray RF emitted by Electronics Power Analysis Set back Smart Card.

Chapter 15 Emission Security. Introduction Emissions Security (Emsec) Tempest defenses Stray RF emitted by Electronics Power Analysis Set back Smart Card.
Chapter Preview  In this chapter, we will study:  The basic components of a telecomm system  The technologies used in telecomm systems  Various ways.

Chapter Preview  In this chapter, we will study:  The basic components of a telecomm system  The technologies used in telecomm systems  Various ways.
1 Lesson 3 Computer Protection Computer Literacy BASICS: A Comprehensive Guide to IC 3, 3 rd Edition Morrison / Wells.

1 Lesson 3 Computer Protection Computer Literacy BASICS: A Comprehensive Guide to IC 3, 3 rd Edition Morrison / Wells.
Computer Networks IGCSE ICT Section 4.

Computer Networks IGCSE ICT Section 4.
TYPES OF NETWORKS NETWORK CONFIGURATIONS /TOPOLOGIES TRANSMISSION MEDIA By B. Vialva.

TYPES OF NETWORKS NETWORK CONFIGURATIONS /TOPOLOGIES TRANSMISSION MEDIA By B. Vialva.

Similar presentations

Ads by Google