Post Wed Apr 30, 2008 9:09 am

TEMPEST Revisited

New stuff in the news related to Chris' article from last year.

NSA has recently de-classified a paper from 1972 that describes the first account of TEMPEST, and the skepticism that accompanied it.

[quote=Ryan Singel of Wired Magazine]It was 1943, and an engineer with Bell Telephone was working on one of the U.S. government's most sensitive and important pieces of wartime machinery, a Bell Telephone model 131-B2. It was a top secret encrypted teletype terminal used by the Army and Navy to transmit wartime communications that could defy German and Japanese cryptanalysis.

Then he noticed something odd.

Far across the lab, a freestanding oscilloscope had developed a habit of spiking every time the teletype encrypted a letter. Upon closer inspection, the spikes could actually be translated into the plain message the machine was processing. Though he likely didn't know it at the time, the engineer had just discovered that all information processing machines send their secrets into the electromagnetic ether.

Call it a TEMPEST in a teletype.[/quote]

[quote=The article from the 1972 NSA Cryptologic Spectrum states]Bell Telephone faced a dilemma. They had sold the equipment to the military with the assurance that it was secure, but it wasn't. The only thing they could do was to tell the [U.S. Army] Signal Corps about it, which they did. There they met the charter members of a club of skeptics who could not believe that these tiny pips could really be exploited under practical field conditions. They are alleged to have said something like: "Don't you realize there's a war on? We can't bring our cryptographic operations to a screeching halt based on a dubious and esoteric laboratory phenomenon. If this is really dangerous, prove it."

So the Bell engineers were placed in a building on Varick Street in New York. Across the street and 80 feet away was Signal Corps Varick Street cryptocenter. The engineers recorded signals for about an hour. Three or four hours later, they produced about 75% of the plain text that was being processed--a fast performance, by the way, that has been rarely equaled.[/quote]

Click here for the full Wired article and a link to the original NSA document.
Reluctant CISSP, Certified ASS