1993-10-21 - TEMPEST: Re: Monitor radiation overlooking./DES weakness

Header Data

From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
To: Cypherpunks <cypherpunks@toad.com>
Message Hash: c11fd3a426483249f75a6f3c09529d9562c7a9694043c60840a1bce3b205a885
Message ID: <X5RqBc10w165w@spectrx.saigon.com>
Reply To: N/A
UTC Datetime: 1993-10-21 06:42:52 UTC
Raw Date: Wed, 20 Oct 93 23:42:52 PDT

Raw message

From: edgar@spectrx.Saigon.COM (Edgar W. Swank)
Date: Wed, 20 Oct 93 23:42:52 PDT
To: Cypherpunks          <cypherpunks@toad.com>
Subject: TEMPEST: Re: Monitor radiation overlooking./DES weakness
Message-ID: <X5RqBc10w165w@spectrx.saigon.com>
MIME-Version: 1.0
Content-Type: text/plain

Victor Borisov posted the following on Oct 15:

    I read about overlooking of monitor radiation.  Introder can scan
    the electron-beam radiation from electron-gun.  He simple transmit
    this radiation to self electron-gun and sinchronize frequance.
    This method work with b/w monitor.  The overlooking of
    color-monitor more dificult - introder will see 4 gradation of
    gray (all guns off, work one, two, three guns).  But we can select
    spesial colors (red-blue or blue-green) and allways will work only
    one (or two) guns.  In this way introder will see dark (or light)
    gray screen without any information!!!

    Is it corect?  Do now present more improve overlooking system?

We in the USA refer to this technology as TEMPEST, which is an acronym
for Transient ElectroMagnetic Pulse Emanation STandard or Transient
Electromagnetic Pulse Surveillance Technology. Victor, I have a long
(58K) document about this which I'll be glad to send you, just ask.  I
think I got it from this list last August maybe.

I haven't seen Victor's idea of adjusting screen colors before. I
suspect that it would take some balancing of the colors so the combo
for foreground/background would be the same strength to a close
tolerance. Certainly I wouldn't trust it without confirmation from
an experiment that a state-of-the-art TEMPEST device couldn't resolve
any information. Victor, could your friend in the KGB arrange for such
an experiment??

TEMPEST defenses considered here involve using metal cabinets and
other shielding.  One relatively inexpensive approach uses metallic
wallpaper! Here are some references:

  From: szebra!novavax.nova.edu!yanek (Yanek Martinson)
  Subject: INFO: TEMPEST companies
  To: toad.com!cypherpunks
  Date: Wed, 16 Dec 92 20:33:10 EDT
  X-Mailer: Elm [version 2.1 PL1]

  Lindgren RF Enclosures
  400 Gigh Grove Blvd.
  Glendale Heights, IL 60139

  Contact: Wayne Martin
  FAX: 708-307-7571

  "LT" Series Shielding System is a complete line of modular enclosures,
  equipment cabinets and custom enclosures available in virtually all
  shielding materials.  The system features exclusive Double Electrically
  Isolated construction for maximum attenuation.  All enclosures are fully
  tested and guaranteed.  Aplication assistance available.

  Secure Systems & Services
  Div. of The R/H Factor Corp.
  13990 Goldmark Dr., Ste.401
  Dallas, TX 75240

  Contact: Ray Helsop
  FAX: 214-669-9160

  TEMPEST Products, Systems & Services are for Military/Industrial firms
  concerned with threat of information security and protection by [sic]
  electronic eavesdroppoing; also commercial EMI/RFI, reduced emissions
  products.  We provide TEMPEST service and support, data encryption,
  F.I.S.A. Facility Information Security Assessment Studies, site planning,
  installation design, facility upgrades, etc.

  International Paper Co.
  Longmeadow Rd.
  Tuxedo, NU 10987

  Contact: Larry Fahy


  International Paper provides a unique wallcovering that prevents
  electromagnetic interference (EMI), wireless electronic espionage, and
  other forms of electromagnetic eavesdropping.  The new wallcovering, a
  composite structure that incorporates a nonwoven mat of metallic fibers,
  has been TEMPEST-tested by the U.S. government and can achieve attenuation
  levels over 100dB.  The material, which eliminates the added costs of
  "hardening" or adding protective shielding to individual pieces of
  electronic equipment, is being used both in primary applications and to
  upgrade facilities to higher levels of protection.  It also provides a way
  to plug EMI leaks quickly and effectively.  Unlike woven or sheet metal,
  which typically require gutting entire rooms, this flexible, lightweight
  material goes up as quickly as wallpaper.  No special tools are needed, and
  downtime is minimal.

  Transaction Security, Inc.
  21 Industrial Ave.
  Upper Saddle River, NJ 07458

  Contact: O. Mark Hastings

  Steel TEMPEST-type enclosures for any size computer hardware.
  Subject: New number for Secure Systems & Services

            The new number for SS&S is (214) 907-9288
            Also, Lindgren RF Enclosures informed me that they
            now have exclusive license to market International Paper
            Company's SAF'N SHIELDED; and they give free samples ;-))

  Date: Mon, 28 Dec 92 11:57:49 PDT
  From: szebra!jplpost.Jpl.Nasa.Gov!wendtj (Jeffrey P Wendt)
  To: toad.com!cypherpunks
  Subject: TEMPEST companies

            I have recieved information from Veratec re: the product
            Safe`n'Shield, and I have to say that for an inf0 packet,
            they have done a great job.

            The folder comes with 2 sample squares of the Safe`n'
            Shield material, and the specs for their product are as
            > Shielding Effectiveness of SAFE`N'SHIELDED (R)
            >(in dB Attenuation)
            >SAF`N'40 tm             10' x 20' x 8' Room
            >    10KHz     1MHz      50MHz     400MHz    1GHz
            >    >100       76        53         57       62

            >SAF`N'60 tm              8' x 8' x 8' Room
            >    10KHz     1MHz      50MHz     400MHz    1GHz
            >    >100      N/T*       67         72       87

            >SAF`N'80 tm              8' x 8' x 8' Room
            >    10KHz     1MHz      50MHz     400MHz    1GHz
            >    >100      >81        100        90       90

            In addition to some general notes and a customer list, they
            provide a 25 page booklet on construction techniques; both
            new and existing.  The material is very thin, about the same
            weight and feel as good bond paper.  The manufacturer states
            that this material meets the NSA 65-6 spec using this
            nonwoven material as the priamary shield.

            The material is applied just like wall paper, with comercial
            wallpaper glue, and from a construction point of view this
            stuff looks like you could do an 8x8x8 romm in a few hours.
            Alas, I did not recieve a price list on the material, but I
            am sure it will be a hell-of-a-lot cheaper that buying
            TEMPEST certified computers, and best of all...you don't
            have to register a damn thing ;-)).

            The address is:  Veretec
                             Long Meadow Road
                             Tuxedo, New York 10987
                             (919) 577-7447

Victor Continues:

    Some words about DES - I spoke with one cryptoanalisyst from KGB
    and he sow, that for number crypto algotitm c(key, text) (key is
    keyLength tall) present f(key, text), that for all key1 and key2
    present key with length keyLength, that c(key2, c(key1,
    text))==f(key, text).

    He also say, that now present f() for c()=des(), more f() wery
    like des().

    That`s why for decrypting of des(k1, des(k2, ...  des(kN, text)
    ...  )) we must try 2^56 keys with spetial function.

Victor seems to be saying that his friend is saying that DES is a
"group" (if I remember my terms correctly), which somebody was
supposed to have proven wasn't the case.  Although, strictly speaking,
a "group" was supposed to be f=des, where Victor just says it's "very
like DES."

But multiple encryptions as Victor describes are not used. Rather
alternating encryptions and DEcryptions.  For example triple DES
dese(k1, desd(k2, dese(k3, plaintext)))  where "dese" is DES
encryption and "desd" is DES decryption.  What does your friend in
the KGB have to say about that, Victor?  If triple-DES reduces to
any reasonable transformation of (some) 56-bit key then it's almost
as easy to break as single-DES which we now know only requires 3 hours
on a $1 million specialized machine.

Of more interest here, Victor, is what your KGB friend says about the
IDEA cipher, RSA Public Key encryption, and the MD5 message digest,
all of which are used in PGP.  We would also like to know if the KGB
has found any weaknesses in PGP or if they've even had occasion to try
to find any.

edgar@spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005  Cupertino, Ca