Information leakage from optical emanations-Reference-Cited by-同舟云学术

Information leakage from optical emanations

Published:2002-08 Issue:3 Volume:5 Page:262-289
ISSN:1094-9224
Container-title:ACM Transactions on Information and System Security
language:en
Short-container-title:ACM Trans. Inf. Syst. Secur.

Author:

Loughry Joe¹,Umphress David A.²

Affiliation:

1. Lockheed Martin Space Systems, Denver, CO

2. Auburn University, AL

Abstract

A previously unknown form of compromising emanations has been discovered. LED status indicators on data communication equipment, under certain conditions, are shown to carry a modulated optical signal that is significantly correlated with information being processed by the device. Physical access is not required; the attacker gains access to all data going through the device, including plaintext in the case of data encryption systems. Experiments show that it is possible to intercept data under realistic conditions at a considerable distance. Many different sorts of devices, including modems and Internet Protocol routers, were found to be vulnerable. A taxonomy of compromising optical emanations is developed, and design changes are described that will successfully block this kind of "Optical Tempest" attack.

Publisher

Association for Computing Machinery (ACM)

Subject

Safety, Risk, Reliability and Quality,General Computer Science

Link

https://dl.acm.org/doi/pdf/10.1145/545186.545189

Reference43 articles.

1. Agilent Technologies. 1999. T-1¾ (5 mm) Diffused LED Lamps Technical Data. Agilent Technologies. Data sheet 5968-4161E (2/99).]] Agilent Technologies. 1999. T-1¾ (5 mm) Diffused LED Lamps Technical Data. Agilent Technologies. Data sheet 5968-4161E (2/99).]]

2. Anderson R. J. and Kuhn M. G. 1999. Soft tempest---an opportunity for NATO. In Protecting NATO Information Systems in the 21st Century. NATO Research & Technology Organisation Washington D.C.]] Anderson R. J. and Kuhn M. G. 1999. Soft tempest---an opportunity for NATO. In Protecting NATO Information Systems in the 21st Century. NATO Research & Technology Organisation Washington D.C.]]

3. Black U. 1996. Physical Layer Interfaces and Protocols 2nd ed. IEEE Computer Society Press Los Alamitos Calif.]] Black U. 1996. Physical Layer Interfaces and Protocols 2nd ed. IEEE Computer Society Press Los Alamitos Calif.]]

4. Common Criteria Project Sponsoring Organizations. 1999. Common Criteria for Information Technology Security Evaluation. Common Criteria Project Sponsoring Organizations. CCIMB-99-031 Version 2.1.]] Common Criteria Project Sponsoring Organizations. 1999. Common Criteria for Information Technology Security Evaluation. Common Criteria Project Sponsoring Organizations. CCIMB-99-031 Version 2.1.]]

Cited by 104 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Protecting Data at Risk of Unintentional Electromagnetic Emanation: TEMPEST Profiling;Applied Sciences;2024-06-03

2. Video-Based Cryptanalysis: Extracting Cryptographic Keys from Video Footage of a Device’s Power LED Captured by Standard Video Cameras;2024 IEEE Symposium on Security and Privacy (SP);2024-05-19

3. Optical Cryptanalysis: Recovering Cryptographic Keys from Power LED Light Fluctuations;Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security;2023-11-15

4. EL-GRILLO: Leaking Data Ultrasonically from Air-Gapped PCs via the Tiny Motherboard Buzzer;2023 20th Annual International Conference on Privacy, Security and Trust (PST);2023-08-21

5. Using KNX-Based Building Automation and Control Systems for Data Exfiltration;IEEE Internet of Things Journal;2023-08-01