1995-12-12 - Anohter angle on timing (TEMPEST)

Header Data

From: “Dave Emery” <die@pig.die.com>
To: cypherpunks@toad.com
Message Hash: d895e306b12112c6e9c66259412a6242e0a9df3e9c2d8e755c1474a0576ee213
Message ID: <9512120332.AA05424@pig.die.com>
Reply To: N/A
UTC Datetime: 1995-12-12 04:15:55 UTC
Raw Date: Mon, 11 Dec 95 20:15:55 PST

Raw message

From: "Dave Emery" <die@pig.die.com>
Date: Mon, 11 Dec 95 20:15:55 PST
To: cypherpunks@toad.com
Subject: Anohter angle on timing (TEMPEST)
Message-ID: <9512120332.AA05424@pig.die.com>
MIME-Version: 1.0
Content-Type: text/plain


	Reading of Mr Kochers clever attack brings to mind another way
of obtaining the timings it uses, particularly on smartcards and other 
tamper resistant hardware based crypto devices - but also perhaps on
locally accessible (and poorly sheilded) servers.

	Observing small changes in current drain, radiated rf pulses,
ground noise, noise on other pins of the device (eg a smartcard)  and
other kinds of transient electrical noise generated by an internal
processor performing a cyrpto algorithm noise might very well allow one
to quite precisely identify when certain sections  or loops in the
internal code of the device was running.   Using this information with
Kochar's statistical approach to determining bit values from time
variances might make such a tempest attack on protected keys held by
such a devices practical even for those of us not privy to the tricks
used by the spooks to process tempest data.  And it certainly could make
available much more timing information per run than just the gross time
to complete the crypto operation, in fact it is entirely possible that
an accurate timing for each step of the algorithm could be derived from
such noise measurements.
  
						Dave Emery
						die@die.com





Thread