http://blog.wired.com/27bstroke6/2008/04/nsa-releases-se.html

By Ryan Singel
Threat Level
Wired.com
April 29, 2008



It was 1943, and an engineer with Bell Telephone was working on one of the U.S. government's most sensitive and important pieces of wartime machinery, a Bell Telephone model 131-B2. It was a top secret encrypted teletype terminal used by the Army and Navy to transmit wartime communications that could defy German and Japanese cryptanalysis.



Then he noticed something odd.



Far across the lab, a freestanding oscilloscope had developed a habit of spiking every time the teletype encrypted a letter. Upon closer inspection, the spikes could actually be translated into the plain message the machine was processing. Though he likely didn't know it at the time, the engineer had just discovered that all information processing machines send their secrets into the electromagnetic ether.



Call it a TEMPEST in a teletype.



This story of how the United States first learned about the fundamental security vulnerability called "compromising emanations" is revealed for the first time in a newly declassified 1972 paper, TEMPEST: A Signal Problem (.pdf) [1], from the National Security Agency's secret in-house journal Cryptologic Spectrum [2].



"There has always been speculation about TEMPEST coming out of the Cold War period," says Joel McNamara, author of Secrets of Computer Espionage: Tactics and Countermeasures, who maintained for years the best compilation of public information on TEMPEST [3]. "But the 1943 Bell Labs discovery is roughly ten years earlier than I would have expected."





The unnamed Bell Telephone technician was the Alexander Graham Bell of a new, secret science, in which electronic eavesdroppers, from as far away as hundreds of feet from their target, tune into radio waves leaking from electronic equipment to steal secrets.



Building on the breakthrough, the U.S. developed and refined the science in an attempt to spy on the Soviets during the Cold War. And it issued strict standards for shielding sensitive buildings and equipment. Those rules are now known to government agencies and defense contractors as TEMPEST [4], and they apply to everything from computer monitors to encrypted cell phones that handle classified information.



Until now, little has been known about when and how the U.S. government began trying to protect itself from this threat, and the NSA paper tells the story well.



    Bell Telephone faced a dilemma. They had sold the equipment to the military with the assurance that it was secure, but it wasn't. The only thing they could do was to tell the [U.S. Army] Signal Corps about it, which they did. There they met the charter members of a club of skeptics who could not believe that these tiny pips could really be exploited under practical field conditions. They are alleged to have said something like: "Don't you realize there's a war on? We can't bring our cryptographic operations to a screeching halt based on a dubious and esoteric laboratory phenomenon. If this is really dangerous, prove it."



    So the Bell engineers were placed in a building on Varick Street in New York. Across the street and 80 feet away was the Signal Corps' Varick Street cryptocenter. The engineers recorded signals for about an hour. Three or four hours later, they produced about 75% of the plain text that was being processed--a fast performance, by the way, that has been rarely equaled.



Oddly, the lessons were forgotten at the close of World War II -- even as the Soviets seemed to have learned to insulate their machines. In 1951, the CIA told the nascent NSA that it had been playing with the Bell teletype machines and found it could read plain text from a quarter mile down the signal line.



In 1962, the Japanese, then our allies, attempted just such an attack by aiming an antenna on top of a hospital at a U.S. crypto center, according to the article. And the Russians did the same -- planting not just the famous 40 microphones in the U.S. embassy in Moscow, but also seeding mesh antennas in the concrete ceiling, whose only purpose could have been stealing leaked energy pulses.



The principle of the TEMPEST attack is deceptively simple. Any machine that processes information -- be it a photocopier, an electric typewriter or a laptop -- has parts inside that emit electromagnetic and acoustic energy, radiating it outward as if they were tiny radio stations. The waves can even be picked up and amplified by nearby power lines, telephone cables and even water pipes, carrying them even farther. A sophisticated attacker can capture the right frequency, analyze the data for patterns and recover the raw information the devices were processing, or even the private encryption keys inside the machine.



Decades ago the FCC set standards prohibiting electrical devices from interfering with one another, concerned merely about noise. These days we know that computer monitors, audio cables and other information machines, like credit card machines in restaurants, actually emit sensitive information.



Outside of the government, almost nothing was known about how such eavesdropping worked until 1985, when a computer researcher named Wim van Eck published a paper explaining how cheap equipment could be used to pick up and redisplay information from a computer monitor. The first mentions of TEMPEST began in the mid-1960s, and Gene Hackman introduced the Faraday cage to the public in the 1970s in the classic eavesdropping movie The Conversation.



In addition to explaining how the U.S. discovered compromising emanations, the declassified NSA document provides a surprising historical snapshot of Cold War espionage techniques, says McNamara.



"It is ... interesting that CIA rediscovered the vulnerability in 1951 and work on countermeasures soon followed," he says. "One can assume that the U.S. Intelligence Community also began using the electronic surveillance technique against foreign powers during this same time frame. From the 1953 and 1954 dates mentioned in the document, it seems the Russians were aware of the vulnerability by then, and were taking measures to secure their communications equipment."



Princeton University science professor Matt Blaze also expressed some amazement at the Bell researchers discovering as early as 1943 that digital equipment leaked information.



    The earliest reference to emissions attacks I'm aware of ... is Peter Wright's recollections, in his book Spycatcher, of following around spies in 1950's London by tracking the local oscillators of their radio receivers. But that's analog, not digital.



The NSA did not declassify the entire paper, however, leaving the description of two separate, but apparently related, types of attacks enticingly redacted.



One attack is called "Flooding" and the other "Seismic."



The idea of being able to steal plain text of an encrypted message using earthquake sensors? Stinkin' cool.



THREAT LEVEL anxiously awaits the back story on that attack to be told.



[1] http://www.nsa.gov/public/pdf/tempest.pdf
[2] http://www.nsa.gov/public/crypt_spectrum.cfm
[3] http://www.eskimo.com/~joelm/tempest.html
[4] http://en.wikipedia.org/wiki/TEMPEST





_______________________________________________
Subscribe to the InfoSec News RSS Feed
http://www.infosecnews.org/isn.rss
