简介
TEMPEST (Transient Electro-Magnetic Pulse Emanation Standard)
High-level层面的简单理解:
计算机在运行时会产生各种各样的电磁波,尝试捕获到这些微弱的电磁波,并对其中内容进行解码(decode)。
CRT显示器在进行显示时,需要改变电磁环境来引导电子的偏转。这种信息可以被收集和利用。
键盘击键会引起电压、电流的剧烈变换,产生很强的电磁辐射。键盘电路板上的微处理器的时钟信号,有可能作为载波信号被击键信号所调制产生传递发射,泄漏出击键信息。
不过在实际环境测试中,环境中大量的噪声可能会严重干扰这个过程。
解决方案
将重要的计算机放在法拉第笼中运行。
历史
1985年,Van Eck, Vim 在法国某会议上演示。
TEMPEST ATTACK 对信息安全的威胁与对策
https://wenku.baidu.com/view/6dd9d876a417866fb84a8efd.html
近期进展
https://www.schneier.com/blog/archives/2016/02/practical_tempe.html
Four researchers have demonstrated a TEMPEST attack against a laptop, recovering its keys by listening to its electrical emanations. The cost for the attack hardware was about $3,000.
For half a century this has been a nation-state-level espionage technique. The cost is continually falling.
Demo
Information Leakage Threat via EM Emanation for Tablet PCs
ACM CCS 2014: A Threat for Tablet PCs in Public Space: Remote Visualization of Screen Images Using EM Emanation (demo)
https://www.youtube.com/watch?v=nL2wM-4xRkI
DEFCON 17: Sniff Keystrokes With Lasers/Voltmeters
Speakers:
Andrea Barisani Chief Security Engineer, Inverse Path Ltd. Founder & Project Coordinator, oCERT
Daniele Bianco Hardware Hacker, Inverse Path Ltd.
Laser Microphone
https://www.youtube.com/watch?v=xKSq9efXmh8