From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
To: Cypherpunks <cypherpunks@toad.com>
Message Hash: c11fd3a426483249f75a6f3c09529d9562c7a9694043c60840a1bce3b205a885
Message ID: <X5RqBc10w165w@spectrx.saigon.com>
Reply To: N/A
UTC Datetime: 1993-10-21 06:42:52 UTC
Raw Date: Wed, 20 Oct 93 23:42:52 PDT
From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
Date: Wed, 20 Oct 93 23:42:52 PDT
To: Cypherpunks <cypherpunks@toad.com>
Subject: TEMPEST: Re: Monitor radiation overlooking./DES weakness
Message-ID: <X5RqBc10w165w@spectrx.saigon.com>
MIME-Version: 1.0
Content-Type: text/plain
Victor Borisov posted the following on Oct 15:
I read about overlooking of monitor radiation. Introder can scan
the electron-beam radiation from electron-gun. He simple transmit
this radiation to self electron-gun and sinchronize frequance.
This method work with b/w monitor. The overlooking of
color-monitor more dificult - introder will see 4 gradation of
gray (all guns off, work one, two, three guns). But we can select
spesial colors (red-blue or blue-green) and allways will work only
one (or two) guns. In this way introder will see dark (or light)
gray screen without any information!!!
Is it corect? Do now present more improve overlooking system?
We in the USA refer to this technology as TEMPEST, which is an acronym
for Transient ElectroMagnetic Pulse Emanation STandard or Transient
Electromagnetic Pulse Surveillance Technology. Victor, I have a long
(58K) document about this which I'll be glad to send you, just ask. I
think I got it from this list last August maybe.
I haven't seen Victor's idea of adjusting screen colors before. I
suspect that it would take some balancing of the colors so the combo
for foreground/background would be the same strength to a close
tolerance. Certainly I wouldn't trust it without confirmation from
an experiment that a state-of-the-art TEMPEST device couldn't resolve
any information. Victor, could your friend in the KGB arrange for such
an experiment??
TEMPEST defenses considered here involve using metal cabinets and
other shielding. One relatively inexpensive approach uses metallic
wallpaper! Here are some references:
From: szebra!novavax.nova.edu!yanek (Yanek Martinson)
Subject: INFO: TEMPEST companies
To: toad.com!cypherpunks
Date: Wed, 16 Dec 92 20:33:10 EDT
X-Mailer: Elm [version 2.1 PL1]
Lindgren RF Enclosures
400 Gigh Grove Blvd.
Glendale Heights, IL 60139
Contact: Wayne Martin
708-307-7200
FAX: 708-307-7571
"LT" Series Shielding System is a complete line of modular enclosures,
equipment cabinets and custom enclosures available in virtually all
shielding materials. The system features exclusive Double Electrically
Isolated construction for maximum attenuation. All enclosures are fully
tested and guaranteed. Aplication assistance available.
Secure Systems & Services
Div. of The R/H Factor Corp.
13990 Goldmark Dr., Ste.401
Dallas, TX 75240
Contact: Ray Helsop
214-907-9288
FAX: 214-669-9160
TEMPEST Products, Systems & Services are for Military/Industrial firms
concerned with threat of information security and protection by [sic]
electronic eavesdroppoing; also commercial EMI/RFI, reduced emissions
products. We provide TEMPEST service and support, data encryption,
F.I.S.A. Facility Information Security Assessment Studies, site planning,
installation design, facility upgrades, etc.
International Paper Co.
Longmeadow Rd.
Tuxedo, NU 10987
Contact: Larry Fahy
914-577-7247
SAF'N SHIELDED (tm)
International Paper provides a unique wallcovering that prevents
electromagnetic interference (EMI), wireless electronic espionage, and
other forms of electromagnetic eavesdropping. The new wallcovering, a
composite structure that incorporates a nonwoven mat of metallic fibers,
has been TEMPEST-tested by the U.S. government and can achieve attenuation
levels over 100dB. The material, which eliminates the added costs of
"hardening" or adding protective shielding to individual pieces of
electronic equipment, is being used both in primary applications and to
upgrade facilities to higher levels of protection. It also provides a way
to plug EMI leaks quickly and effectively. Unlike woven or sheet metal,
which typically require gutting entire rooms, this flexible, lightweight
material goes up as quickly as wallpaper. No special tools are needed, and
downtime is minimal.
Transaction Security, Inc.
21 Industrial Ave.
Upper Saddle River, NJ 07458
Contact: O. Mark Hastings
201-573-1150
Steel TEMPEST-type enclosures for any size computer hardware.
Subject: New number for Secure Systems & Services
The new number for SS&S is (214) 907-9288
Also, Lindgren RF Enclosures informed me that they
now have exclusive license to market International Paper
Company's SAF'N SHIELDED; and they give free samples ;-))
JPW
====================================================================
Date: Mon, 28 Dec 92 11:57:49 PDT
From: szebra!jplpost.Jpl.Nasa.Gov!wendtj (Jeffrey P Wendt)
To: toad.com!cypherpunks
Subject: TEMPEST companies
I have recieved information from Veratec re: the product
Safe`n'Shield, and I have to say that for an inf0 packet,
they have done a great job.
The folder comes with 2 sample squares of the Safe`n'
Shield material, and the specs for their product are as
follows:
>-----------------------------------------------------------
> Shielding Effectiveness of SAFE`N'SHIELDED (R)
>(in dB Attenuation)
>___________________________________________________________
>SAF`N'40 tm 10' x 20' x 8' Room
>___________________________________________________________
> 10KHz 1MHz 50MHz 400MHz 1GHz
>-----------------------------------------------------------
> >100 76 53 57 62
>___________________________________________________________
>___________________________________________________________
>SAF`N'60 tm 8' x 8' x 8' Room
>___________________________________________________________
> 10KHz 1MHz 50MHz 400MHz 1GHz
>-----------------------------------------------------------
> >100 N/T* 67 72 87
>___________________________________________________________
>___________________________________________________________
>SAF`N'80 tm 8' x 8' x 8' Room
>___________________________________________________________
> 10KHz 1MHz 50MHz 400MHz 1GHz
>-----------------------------------------------------------
> >100 >81 100 90 90
>___________________________________________________________
In addition to some general notes and a customer list, they
provide a 25 page booklet on construction techniques; both
new and existing. The material is very thin, about the same
weight and feel as good bond paper. The manufacturer states
that this material meets the NSA 65-6 spec using this
nonwoven material as the priamary shield.
The material is applied just like wall paper, with comercial
wallpaper glue, and from a construction point of view this
stuff looks like you could do an 8x8x8 romm in a few hours.
Alas, I did not recieve a price list on the material, but I
am sure it will be a hell-of-a-lot cheaper that buying
TEMPEST certified computers, and best of all...you don't
have to register a damn thing ;-)).
The address is: Veretec
Long Meadow Road
Tuxedo, New York 10987
(919) 577-7447
Victor Continues:
Some words about DES - I spoke with one cryptoanalisyst from KGB
and he sow, that for number crypto algotitm c(key, text) (key is
keyLength tall) present f(key, text), that for all key1 and key2
present key with length keyLength, that c(key2, c(key1,
text))==f(key, text).
He also say, that now present f() for c()=des(), more f() wery
like des().
That`s why for decrypting of des(k1, des(k2, ... des(kN, text)
... )) we must try 2^56 keys with spetial function.
Victor seems to be saying that his friend is saying that DES is a
"group" (if I remember my terms correctly), which somebody was
supposed to have proven wasn't the case. Although, strictly speaking,
a "group" was supposed to be f=des, where Victor just says it's "very
like DES."
But multiple encryptions as Victor describes are not used. Rather
alternating encryptions and DEcryptions. For example triple DES
dese(k1, desd(k2, dese(k3, plaintext))) where "dese" is DES
encryption and "desd" is DES decryption. What does your friend in
the KGB have to say about that, Victor? If triple-DES reduces to
any reasonable transformation of (some) 56-bit key then it's almost
as easy to break as single-DES which we now know only requires 3 hours
on a $1 million specialized machine.
Of more interest here, Victor, is what your KGB friend says about the
IDEA cipher, RSA Public Key encryption, and the MD5 message digest,
all of which are used in PGP. We would also like to know if the KGB
has found any weaknesses in PGP or if they've even had occasion to try
to find any.
--
edgar@spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005 Cupertino, Ca
Return to October 1993
Return to “karn@qualcomm.com (Phil Karn)”