BY: NICK DOWNER TEMPEST EMISSIONS. OVERVIEW What are tempest emissions? Detecting tempest emissions Security concerns How to protect against leakage.

Slides:



Advertisements
Similar presentations
IT: Communication and Impacts
Advertisements

Telecommunications & Networking
Tempest Emanations Jacklyn Truong University of Tulsa April 16, 2013.
CSE331: Introduction to Networks and Security Lecture 34 Fall 2002.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Direct Attacks on Computational Devices
Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
TRANSEC/EMSEC/ TEMPEST Artur Zak CS 996 – Information Security Management March 30, 2005.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Wireless Security.
Bluetooth What is it and where is it going?. Background…..   Conceived initially by Ericsson, before being adopted by a myriad of other companies, Bluetooth.
Principles of Information Technology
Introduction (Pendahuluan)  Information Security.
1 E-Commerce Introduction Professor Joshua Livnat, Ph.D., CPA 311 Tisch Hall New York University 40 W. 4th St. NY NY Tel. (212) Fax (212)
Chapter 15 Emission Security. Introduction Emissions Security (Emsec) Tempest defenses Stray RF emitted by Electronics Power Analysis Set back Smart Card.
Chapter Preview  In this chapter, we will study:  The basic components of a telecomm system  The technologies used in telecomm systems  Various ways.
1 Lesson 3 Computer Protection Computer Literacy BASICS: A Comprehensive Guide to IC 3, 3 rd Edition Morrison / Wells.
Computer Networks IGCSE ICT Section 4.
TYPES OF NETWORKS NETWORK CONFIGURATIONS /TOPOLOGIES TRANSMISSION MEDIA By B. Vialva.
Data Integrity and Security. Data integrity  data that has a complete or whole structure  a condition in which data has not been altered or destroyed.
Security+ All-In-One Edition Chapter 20 – Forensics Brian E. Brzezicki.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
Methods of communication
Encryption Presentation Jamie Roberts. Encryption Defined: n The process of converting messages, information, or data into a form unreadable by anyone.
Communication channels and transmission media
Introductory Communications Objectives  To gain an overview of: Modems and digital telephone lines Analogue to digital conversion and digital to analogue.
Networks and Hackers Copyright © Texas Education Agency, All rights reserved. 1.
Networking Two or more computers linked together so that it is capable of sending messages between them. Network Stand Alone Computer.
Microsoft ® Office 2007 Training Security II: Turn off the Message Bar and run code safely presents:
3/31/121 Practicing Safe Computing Brian Cox 3/31/12.
Introduction to Engineering and Technology Concepts Unit Five Chapter Five – Computer and Internet Connections.
The Impact of Communication Technology Part 2. Economic Impact Today, businesses rely on computers, high tech telephones, fax machines and local area.
1 Lesson 3 Computer Protection Computer Literacy BASICS: A Comprehensive Guide to IC 3, 3 rd Edition Morrison / Wells.
Royal Latin School. Spec Coverage: a) Explain the advantages of networking stand-alone computers into a local area network e) Describe the differences.
Echelon › Developed by National Security Agency of USA. › A secret project to spy on people by tracing their messages. › To find out the terrorist activities.
Computer Networks. Why Create Networks? Communication Communication technologies such as , sms, video-conference can be used Makes communication.
Cell Phone Jammer 1www.engineersportal.in. Contents Introduction How Cell Phone Jammer Works Types of Jamming techniques Design Parameters/ Specification.
Eng. Hector M Lugo-Cordero, MS CIS4361 Department of Electrical Engineering and Computer Science February, 2012 University of Central Florida.
Electromagnetic Radiation from VDUs: An Eavesdropping Risk? Paul Shotbolt Article in “Computers and Security” Volume 4. Number 4.by Wim van Eck.
Penetrating encrypted evidence Writer : Hank Wolfe University of Otago, Computer Security, Forensics, Information Science Department, New Zealand Presentation.
COEN 350 Network Security Introduction. Computer Networks OSI Reference Model Application Layer Presentation Layer Session Layer Transport Layer Network.
Component 16- Professionalism/Customer Service in the Health Environment Unit 9- Personal Communications and Professionalism This material was developed.
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.
COSC 513 Operating Systems Project Presentation: Internet Security Instructor: Dr. Anvari Student: Ying Zhou Spring 2003.
Computer security By Isabelle Cooper.
Topic 5: Basic Security.
©UNT in partnership with TEA1 Telecommunications & Networking Unit Subtitle: Modems.
Wireless Security. Traditional method A computer with network card a cable connecting network card and the network.
FriendFinder Location-aware social networking on mobile phones.
FriendFinder Location-aware social networking on mobile phones.
TEMPEST AND ECHELON BY – Y.SRUTHI.  TEMPEST and ECHELON are the method of spying in a sophisticated manner.  Both technologies are a part of secret.
Communications security
Introduction With the development of the Internet a phenomenon known as 'electronic commerce' or 'ecommerce' for short, has been growing. Ecommerce has.
Human Rights Act, Privacy in the context of auditing Phil Huggins Chief Technologist, IRM PLC
Contemporary issues in education
Computer Networks. Computer Network ► A computer network is a group of computers that are linked together.
Computer threats, Attacks and Assets upasana pandit T.E comp.
1 Integrated Site Security Project Denise Heagerty CERN 22 May 2007.
Brianne Stewart.   A wireless network is any computer network that is not connected with a cable  Many homes use this type of internet access  Less.
Security, Ethics and the Law. Vocabulary Terms Copyright laws -software cannot be copied or sold without the software company’s permission. Copyright.
Installation and Setting up a Wireless LAN. Why would you want a Wireless LAN? Because it would take a lot of cable to set up your Internet, and a wireless.
Firewalls and Tunneling Firewalls –Acts as a barrier against unwanted network traffic –Blocks many communication channels –Can change the design space.
Submitted by: Himanshi Sharma(IV yr.IT,Sec-a).  The notion of spying is a very sensitive topic after the September 11 attack of Terrorists in New York.
COAXIAL CABLE.
Computer Security Security Concepts September 20, 2018
ROHIT RAJ TEMPEST AND ECHELON A SEMINAR BY ROLL NO VII TH SEM
Networking 101.
Presentation transcript:

BY: NICK DOWNER TEMPEST EMISSIONS

OVERVIEW What are tempest emissions? Detecting tempest emissions Security concerns How to protect against leakage

WHAT IS TEMPEST? “TEMPEST is the name of a technology involving the monitoring (and shielding) of devices that emit electromagnetic radiation (EMR) in a manner that can be used to reconstruct intelligible data.” -sans reading room

WHAT ARE LEAKAGES OR “EMANATIONS” Every electronic device gives off some type of electromagnetic signal, or “emanations” A proper design will limit these emanations but there will always be some level of leakage Like crosstalk on phone lines Examples Shaver Radio’s from cellphones Hard Drives (like a fingerprint)

THE EARLY YEARS OF TEMPEST The name TEMPEST has no definite meaning… Early government code word Telecommunications Electronics Material Protected from Emancipating Spurious Transmissions Transient Electromagnetic Pulse Emanation STandard Also referred to as “Van Eck Phreaking” after the Dutch scientist Wim can Eck

THE EARLY PROOF Wim can Eck demonstrated that he could easily pick up nearby computer monitor emissions and display them on a TV monitor Used a normal TV receiver made suitable for the purpose of capturing the emissions Was able to display video from a computer monitor on a separate TV monitor May be feasible up to 1km

THE EARLY PROOF In his 1986 book, Peter Wright explains how MI5 spied on messages sent by the French during England’s negotiations to join the European Economic Community (EEG) They were interested in what the French thought of England entering the EEG MI5 tried to break the French diplomatic cypher but failed However, they noticed the encipher traffic carried a faint secondary signal, and constructed equipment to recover it It turned out to be plaintext

DETECTING TEMPEST TEMPEST eavesdropping reconstructs the electromagnetic signals put off by electronics Equipment needed Sensitive receivers are used which can capture a wide range of frequencies Software to turn the raw findings into the original data Problems that can occur Can contain other EMR/interference from outside sources

TEMPEST TESTING EQUIPMENT Codex Data Systems Produces a device called D.I.R.T (Data Interception by Remote Transmission) The army buys the $20,000 units but the company agreed to a Pentagon request to halt sales to anyone else Allows stealth monitoring of all activity on one or more target computers No physical access is necessary

IMPACTS OF TEMPEST Loss of Integrity Confidentiality Availability Reduces effectiveness of encryption Can mirror screen

TEMPEST STANDARDS National Communications Security Committee Directive 4 sets TEMPEST standards Very costly and classified Private sector started ZONE More cost effective but less secure 3 categories 1 is extremely secure and only available to US government 2 is somewhat less secure but still requires US government approval to use 3 is for general commercial use

HOW TO PROTECT Covering the device/cabling in a faraday cage Buy a TEMPEST certified computer Purchase equipment that meets modern standards for emission Use only shielded cable for all system interconnections Keep cable runs as short as possible Encrypt all information being sent and received from the device

TEMPEST….FACT OR FICTION James Atkinson a telecommunications engineer, president of Granite Island Group has worked with TEMPEST for 20 years Claims TEMPEST is not a spying technology and anyone who says it is is misinformed or lying Claims todays PC’s are shielded to prevent leakage and disturbing other connections Says taking a peek at someone else's computer screen from a distance is possible, but its very difficult to do, costly, and often impractical

MORE EVIDENCE Wayne Madsen from the Electronic Privacy Information Center claims Todays computers are unlike that of the old cathode-ray tube days They’re more ruggedized and heavily shielded so these emissions are a lot harder to pick up/detect TEMPEST isn’t as big of a problem as it once was, but engineers hype the problem

EVIDENCE John Young a New York architect says he often designs TEMPEST security features into buildings for law firms and banks He has an interest in tempest and has filed several freedom of information requests with the US government to declassify NSA documents dealing with TEMPEST.

WHAT DOES ALL THIS MEAN? There is debate among professionals as to the severity of TEMPEST emanations Not much is known since most TEMPEST material is classified by the government

SO WHAT CAN WE DO Use common sense with encryption Keep cable runs short Buy highly insulated cables

QUESTIONS? Any Questions?

RESOURCES vacy/introduction-tempest_ empest.html releases-se/

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.