Re: Secure passwords?

"lyalc" <lyalc@xxxxxxxxxxxxxx> wrote in
news:dmtetn$n3g$1@xxxxxxxxxxxxxxxx:

> Actually, if you think about it, low speed systems are much, much
> easier to detect/compromise, in a tempest sense.
>
> Signal emissions are usually the first 5-20 harmonics of the clock
> speed. A clock of 100 Mhz probably needs a receiving AND PROCESSING
> bandwidth of 500-1000 Mhz.
>
> A clock speed of 3 Ghz can mean a processing bandwidth (analog or
> digital ) exceeding 10 Ghz.
> That's a fairly expensive set of kit, super-computing scale, not
> suitcase sized, portable gear, especially if you are looking for
> near-real-time recovery, not SETI-style post analysis.
> Often, these higher frequencies have much less energy/radiated power
> than lower speed clocks, for a variety of technical reasons.
> So the detection range (signal over noise) is probably much less,
> potentially minimising the 'volume' of risk.
>
> Just my 20cents worth.
>
> Lyal
>


Some interesting speculations (and with Tempest we are all speculating to
some degree). I see your point, but I believe you are concentrating on
the wrong aspect: required processing power rather than the underlying
question of the type, strength, and info-carying capacity of the
emissions themselves.

Additionally, regarding your central premise, that emissions are less,
rather than more, likely at higher frequencies, I believe you are wrong.
The simplest evidence of this is that it is much harder to do even the
ordinary shielding necessary to get an FCC clearance sticker. At 3GHz
the wavelength is only 10 cm - every component tends to "sing" as an
antenna (a perfect dipole antenna need only be 5 cm long). Moreover,
nonlinearities in component properties often become more pronounced at
high frequencies leading to strong emissions at all harmonics (but,
obviously, mostly for the low-order ones).

However, much of this is beside the point. While Tempest (emsec)
interceptions could concentrate on CPU processor (and related)
frequencies, most descriptions so far (including the original van Eck
paper) concentrate on peripherals, such as the CRT display. Frequences
here are standardized and independent of the CPU-related frequencies.
And we know that CRT emmissions are strong, strong enough to have caused
efforts (TUV, etc.) to reduce emissions for health, rather than emsec
reasons.

Regards,





.

Relevant Pages

  • Re: Dual-Z0 Stubs
    ... They're likely to be three bands of frequencies rather than three ... The mixed emissions of a set of red, green, and blue phosphors, ... combinations as "pure white" depending on what's available at the time. ... This is why, for example, indoor fluorescent lighting can actually ...
    (rec.radio.amateur.antenna)
  • Re: On The Subject of The Mosquito And The Ladder
    ... >>I am also unaware of any atoms in the emissions of a HeNe laser. ... >>we define time so that physics looks simple. ... > You didn't answer my question: what is the definition of a good clock? ...
    (sci.physics.relativity)
  • Re: Secure passwords?
    ... > There's no such thing as a "tempest related attack". ... eponymously codenamed set of classified standards for reducing emissions ... Faraday cages are trivial to construct. ... > that's effective at modern bandwidths, ...
    (alt.computer.security)