[iwar] [fc:Information.Leakage.from.Optical.Emanations]

From: Fred Cohen (fc@all.net)
Date: 2002-03-06 19:22:45


Return-Path: <sentto-279987-4574-1015472720-fc=all.net@returns.groups.yahoo.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Wed, 06 Mar 2002 19:48:11 -0800 (PST)
Received: (qmail 4840 invoked by uid 510); 7 Mar 2002 03:45:40 -0000
Received: from n35.groups.yahoo.com (216.115.96.85) by all.net with SMTP; 7 Mar 2002 03:45:40 -0000
X-eGroups-Return: sentto-279987-4574-1015472720-fc=all.net@returns.groups.yahoo.com
Received: from [216.115.97.166] by n35.groups.yahoo.com with NNFMP; 07 Mar 2002 03:45:21 -0000
X-Sender: fc@red.all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: unknown); 7 Mar 2002 03:45:19 -0000
Received: (qmail 87419 invoked from network); 7 Mar 2002 03:21:56 -0000
Received: from unknown (216.115.97.172) by m12.grp.snv.yahoo.com with QMQP; 7 Mar 2002 03:21:56 -0000
Received: from unknown (HELO red.all.net) (12.232.72.152) by mta2.grp.snv.yahoo.com with SMTP; 7 Mar 2002 03:21:55 -0000
Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g273Mjo23596 for iwar@onelist.com; Wed, 6 Mar 2002 19:22:45 -0800
Message-Id: <200203070322.g273Mjo23596@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL3]
From: Fred Cohen <fc@all.net>
X-Yahoo-Profile: fcallnet
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Wed, 6 Mar 2002 19:22:45 -0800 (PST)
Subject: [iwar] [fc:Information.Leakage.from.Optical.Emanations]
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 8bit

Information Leakage from Optical Emanations

JOE LOUGHRY
Lockheed Martin Space Systems
and
DAVID A. UMPHRESS
Auburn University

A previously unknown form of compromising emanations has been discovered. LED status 
indicators on data communication equipment, under certain conditions, are shown to 
carry a modulated optical signal that is significantly correlated with information 
being processed by the device. Physical access is not required; the attacker gains 
access to all data going through the device, including plaintext in the case of data 
encryption systems. Experiments show that it is possible to intercept data under 
realistic conditions at a considerable distance. Many diŽerent sorts of devices, 
including modems and Internet Protocol routers, were found to be vulnerable. A taxonomy 
of compromising optical emanations is developed, and design changes are described 
that will successfully block this kind of "Optical Tempest" attack. 

Categories and Subject Descriptors: C.2.0 [Computer Systems Organization]: COMPUTERCOMMUNICATION 
NETWORKS-General, Security and protection (e.g., firewalls); D.4.6 [Software]: OPERATING 
SYSTEMS-Security and Protection, Invasive software (e.g., viruses, worms, Trojan 
horses); E.3 [Data]: DATA ENCRYPTION-Code breaking; K.6.5 [Computing Milieux]: MANAGEMENT 
OF COMPUTING AND INFORMATION SYSTEMS-Security and Protection, Unauthorized Access 
(e.g., hacking, phreaking) General Terms: Compromising emanations, Emissions security, 
Experimentation Additional Key Words and Phrases: Information displays, light emitting 
diode, LED, fiber optics, encryption, compromising emanations, covert channel, communication, 
COMINT, COMSEC, EMSEC, SIGINT, TEMPEST 

<a href="http://applied-math.org/optical_tempest.pdf">http://applied-math.org/optical_tempest.pdf>

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:04 PST