1998-02-09 - Re: Soft Tempest

Header Data

From: David Honig <honig@otc.net>
To: Markus Kuhn <cypherpunks@toad.com
Message Hash: 030327c0118b2aa672e2a0c415ff9d196c9845ab64d655d9916d3bdcf5449a8d
Message ID: <>
Reply To: <v03102800b1044ad31629@[]>
UTC Datetime: 1998-02-09 18:35:54 UTC
Raw Date: Tue, 10 Feb 1998 02:35:54 +0800

Raw message

From: David Honig <honig@otc.net>
Date: Tue, 10 Feb 1998 02:35:54 +0800
To: Markus Kuhn <cypherpunks@toad.com
Subject: Re: Soft Tempest
In-Reply-To: <v03102800b1044ad31629@[]>
Message-ID: <>
MIME-Version: 1.0
Content-Type: text/plain

At 04:54 PM 2/9/98 +0000, Markus Kuhn wrote:
> The horizontal and vertical
>deflection coils produce a lot of radiation at harmonics of the
>line and frame rate of your CRT, but this signal energy is not
>related to your screen content (only to your video mode), and therefore
>not of much concern for the eavesdropper. The low-radion monitor
>standards look only at those signal (<400 kHz). Therefore having
>a TCO92 monitor provides you absolutely no advantage with respect
>to eavesdropping.

>The information carrying signals of VDUs are in much higher frequency
>ranges in the VHF/UHF bands. Laptops are pretty good broadcasters
>there, too.

One of the issues is that the fast rise-times on signals yields
emissions all over the spectrum, not just at the base scanning rate.
Thus, even though you're sending at e.g., 2400 bps, you've got an N-volt
voltage/current swing accomplished in fractions of a microsecond.

These higher harmonics radiate better than the lower ones.

See Peter Smulders's paper on RS-232 interception, abstract included below.
I have a local copy at http://rattler.otc.net/crypto/docs/rs232.pdf 

The Threat of
Information Theft
by Reception of
Radiation from
RS-232 Cables
Peter Smulders
Eindhoven University of Technology, Department of Electrical Engineering,
Eindhoven, The Netherlands

Research into the possibility of picking up the
electromagnetic radiation originating from video
display units (VDUs) made clear that this type of
information theft can be committed very easily
[1]. It is not only this type of equipment which
is vulnerable to interception at a distance;
experiments on eavesdropping RS-232 cable
signals prove that it is possible in some cases to
intercept data signals running along an RS-232
cable, by picking up and decoding the
electromagnetic radiation produced by the
cable. This report gives the results of these
Electromagnetic radiation arising from RS-232 cables may
contain information which is related to the original
RS-232 data signals. The seriousness of eavesdropping
risks is shown by estimates of bit error rates feasible with
a standard radio receiver as a function of the separation
distance. In addition to this, results of experimental
eavesdropping are presented.

Keywords: RS-232 cable, Electromagnetic radiation, Eaves-dropping

Caution: Failure to detect intelligible emanations by the
methods described in this paper do not mean an
installation is secure against interception by
sophisticated and resourceful opponents.

      David Honig                   Orbit Technology
     honig@otc.net                  Intaanetto Jigyoubu

		Lewinsky for President '2012