RE: Fiber optic vampire taps

["Bruce De Witte" <brudew () attbi com>]

I don't think you are remembering correctly.  One reason for using fiber is
its security in that it gives off no electromagnetic field.  In a typical
cable, the fiber is buffered by a vinyl sheath, and then in cheaper cables,
a simple exterior cable sheath is applied.  It is impossible to "tap" the
optical energy from outside the cable sheath or the fiber buffer.

An optical fiber is basically a waveguide (think of it as an electrical
circuit) built to very precise dimensions which support the very specific
light frequencies desired.  It has a very special glass (or plastic, but
plastic is much more lossy) core which is encased in a glass cladding.  The
cladding is the same as the core glass with a doping agent providing a
different optical refraction index. If you break the cladding, the
electrical circuit is broken and transmission ceases.

It has been proposed by physicists that one could tap into a fiber
undetected, but has never been proven -- as far as I know.  (Perhaps the NSA
or CIA, but I doubt it.)  In order to tap into fiber, you would need
nanometer control and special chemical processes in a near clean room
environment to etch away just enough cladding to intercept some of the
optical energy.  Etch too much and the circuit is broken and transmission
ceases. Looking at a fiber from the side gives no optical energy.

The only conceivable way for someone to tap the cable, would be to brake it,
add optical connectors, add fiber optic receiver and transmitter as well as
transducers to detect the optical energy into a digital stream.  Obviously,
transmission has ceased for a considerable time.  The intruder would also
have to power its interception devise & provide a means to transmit the
information to a convenient place.  This is no easy task.

If your client is still concerned, have him purchase a link encryptor which
would encrypt the digital stream prior to optical transmission.  There are
many vendors.

BBB



-----Original Message-----
From: Nick Iglehart [mailto:nick () systemsecuritysolutions com] 
Sent: Friday, December 20, 2002 6:41 PM
To: security-basics () securityfocus com
Subject: Fiber optic vampire taps

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I have a client who has a fiber optic line between two buildings. 
There is no physical security and so they are concerned about someone
tapping into the fiber line and capturing data.  

I read something a while back about tapping fiber optic lines without
breaking the sheathing and now I can't seem to find anything but
vague references to it.  I have googled for hours and checked the sf
archives with no luck.  Anyone have any references to this?  Any help
is appreciated.

Nick

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBPgOqcKq/UK5/FuEgEQJrawCgqX64DN0KqFv4h373stMEcU70vB8AoMZ3
9YU6ysv+TwubV0jkbfAJ3K5n
=LoN2
-----END PGP SIGNATURE-----