IP: BEATING THE TEMPEST

[Dave Farber <farber () cis upenn edu>]

Date: Mon, 16 Nov 1998 07:40:36 -0500 (EST)
From: Ken Williams <jkwilli2 () unity ncsu edu>


-----BEGIN PGP SIGNED MESSAGE-----

BEATING THE TEMPEST: December 1998

<http://www.sciam.com/1998/1298issue/1298techbus4.html>

Just because you're paranoid doesn't mean they aren't out to get you. Most 
computer users would be startled to realize that somebody 
parked outside their home with the right kind of (very expensive) receiving 
equipment can read the data that appear on their computer 
screens. The receiver uses the monitor's radio emanations to reconstruct the 
screen's contents. The http://www.state.gov/";>U.S. 
Department of State and other organizations spend a fortune buying 
shielded hardware to defeat these signals, known as Tempest <A 
HREF="http://www.noradcorp.com/1tutor.htm";>radiation, after the code 
name for a government program aimed at tackling it.

Now Ross Anderson, a computer scientist at the <A 
HREF="http://www.cam.ac.uk/";>University of Cambridge, and graduate 
student Markus 
G. Kuhn say they have developed methods for controlling Tempest radiation. 
What's different about their techniques is that they run in 
software, making them much cheaper and easier to deploy.

The story began, Anderson says, when <A 
HREF="http://www.microsoft.com/";>Microsoft made its $20-million 
investment in Cambridge's 
computer science lab and said the company was particularly interested in 
ways to control software piracy. Most approaches call for some 
kind of copy protection; Anderson's idea was to design something that would 
enable detection of offenders rather than prohibit copying, 
which is a nuisance loathed by consumers. Their concept was to make computer 
screens broadcast the serial number of the software in use. 
In principle, properly equipped vans could patrol business districts looking 
for copyright infringements. In researching the broadcast 
idea, Anderson and Kuhn came up with fundamental discoveries about Tempest.

In particular, they observed that emissions relating to screen content are 
mostly found in the higher bands--above 30 megahertz, in the 
UHF and VHF bands. So altering those frequencies could change the Tempest 
radiation.

Anderson and his colleagues have fashioned a couple of prototypes that rely 
on different frequency-alteration methods. One of the lab's 
prototypes, built using a black-and-white video display capable of 
monitoring and receiving Tempest radiation, filters the top 
frequencies. As a result, the fonts become unreadable to the eavesdropping 
receiver. On-screen, the fonts look comfortably legible and 
nearly normal. Filtering text requires display software that supports 
grayscale representation of fonts, but most computers have this 
ability. Therefore, Anderson believes this technology could be easily built 
into existing machines, although the fonts' interference with 
graphics makes it more likely they would be included in a security product 
than in, say, a general operating system.

The second prototype takes advantage of the display technique known as 
dithering, a method of mixing extra colors from a limited palette 
based on the principle that if the dots that make up the display are small 
enough, the human eye will perceive the mix as a solid color. 
Given a monitor of today's high resolutions, the human eye cannot 
distinguish between a solid medium gray and a pattern of 
black-and-white pixels that adds up to the same gray. But the pattern of 
black and white is much easier for the snooping receiver to 
detect, one consequence being that the computer could be programmed to 
broadcast a different signal from the one that actually appears on 
the screen. The demonstration on display at Anderson's lab serves as a nice 
example, in which the word "Oxford" on the display appears as 
"Cambridge" on the receiver.

Aside from stemming electronic eavesdropping, these prototypes could open 
the way to new types of security attacks on computers, Anderson 
and Kuhn suggest. A virus could be designed to find and then broadcast 
information stored on a machine without a user's knowledge. The 
game of spy versus spy goes on.

WENDY M. GROSSMAN is a freelance writer based in London.

- ----------

_____________________________________________________________________
David Farber         
The Alfred Fitler Moore Professor of Telecommunication Systems
University of Pennsylvania 
Home Page: http://www.cis.upenn.edu/~farber