Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

IP: New Scientist Article on Do-it-yourself Evesdropping

From: Dave Farber <farber () cis upenn edu>
Date: Wed, 10 Nov 1999 04:30:37 -0500



X-Mailer: exmh version 2.0.2+CL 2/24/98
To: martin.minow () thinklinkinc com
cc: cypherpunks () toad com, cryptography () c2 net, risks () csl sri com
Subject: Re: New Scientist Article on Do-it-yourself Evesdropping
X-URL: http://www.cl.cam.ac.uk/~mgk25/
Date: Mon, 08 Nov 1999 19:56:22 +0000
From: Markus Kuhn <Markus.Kuhn () cl cam ac uk>


Martin Minow wrote on 1999-11-08 17:43 UTC:

<http://www.newscientist.com/ns/19991106/newsstory6.html>

"SOFTWARE that allows a computer to receive radio signals could make
spying on other computers all too simple, according to two scientists 

at the

University of Cambridge. Such are the dangers that they are patenting
countermeasures that computer manufacturers can take to foil any
electronic eavesdroppers. "


This New Scientist article refers to some work that we have been doing
here over a year ago and which was published already as

  Markus G. Kuhn, Ross J. Anderson: Soft Tempest: Hidden Data Transmission
  Using Electromagnetic Emanations, in David Aucsmith (Ed.): Information
  Hiding, Lecture Notes in Computer Science 1525, Springer-Verlag,
  ISBN 3-540-65386-4, pp. 124-142.
  http://www.cl.cam.ac.uk/~mgk25/ih98-tempest.pdf

The New Scientist just stumbled last week across a related patent
application that was recently finally published after the usual 18
months. Read the above paper if you are interested in the full story.

If you are interested in the sort of equipment on which I was quoted and
what I consider to be an appropriate platform for production-grade
compromising emanations attacks (automatic character recognition from
VDU signals, utilization of data-dependent emissions of firewall systems
for cryptanalysis, etc.), then have a look at for instance

  http://www.tm.agilent.com/tmo/datasheets/English/HPE3238S.html

and its components: an 8-MHz wideband tuner covering 2-2600 MHz, a 20
MHz and 21 bit A/D converter, followed by an array of powerful DSPs that
can do various processing steps and turn the digitized IF signal
directly into your output. That plus suitable software and a set of good
antennas and coupling probes is roughly what I would expect to find in
the better versions of the unmarked spook van in the neighborhood.
Turning equipment like this into a GSM phone, GPS receiver, TV set, or
specialized compromising emanations receiver is just a matter of what
software you load into it. At the moment, lab setups of such flexible
"software radios" still cost in the > £20000 range. However, the
technology is moving quickly and has the potential to enter the mass
market in the next few years, probably at first via it's use in
multi-mode reprogrammable cellular base stations.

With prices for suitable components for software radios (especiall the
ADC and DSP section) dropping with Moore's law, we can look forward to
home amateur priced software radios that will allow us to build
sophisticated Tempest DSP experiments which are today only in the reach
of military research labs. Though it will not become "child's play" - as
the New Scientists reporter wrote in the above article - sophisticated
EM snooping technology might very well come into the reach of the
advanced information security hobbyist or the determined criminal in the
next 5-10 years. The field will certainly remain interesting, any if you
study information security, it might not be unwise to add a
high-frequency electronics and DSP course to your curriculum today.

Markus

--
Markus G. Kuhn, Computer Laboratory, University of Cambridge, UK
Email: mkuhn at acm.org,  WWW: <http://www.cl.cam.ac.uk/~mgk25/>


_____________________________________________________________________
David Farber
The Alfred Fitler Moore Professor of Telecommunication Systems
University of Pennsylvania
Home Page: http://www.cis.upenn.edu/~farber
Email: farber () cis upenn edu

Home: +1 610 274 8292; Cell and Office: +1 215 327 8756; Fax:  +1 408 490 2720
Previous By Date Next
Previous By Thread Next

Current thread: