Low cost countermeasures against compromising...

Cryptography – Electric signal masking

Reexamination Certificate


Details

C380S268000, C380S210000, C380S054000

Reexamination Certificate

active

06721423

ABSTRACT:

TECHNICAL FIELD
This invention is related to the protection of confidential computer data against eavesdroppers who try to reconstruct it from the electromagnetic emanations generated by computers.
BACKGROUND OF THE INVENTION
It has been known to military organizations since at least the early 1960s that computers generate electromagnetic radiation which not only interferes with radio reception, but which also makes information about the processed data available to a remote radio receiver (see for example Peter Wright: Spycatcher—The Candid Autobiography of a Senior Intelligence Officer. William Heinemann Australia, 1987, ISBN 0-85561-098-0). Known as compromising emanation or Tempest radiation, this electromagnetic broadcast of data has been a significant concern in security-sensitive computer applications. Compromising emanations of video display units (see for example Wim van Eck: Electromagnetic Radiation from Video Display Units: An Eavesdropping Risk? Computers & Security vol 4 (1985) 269-286; Erhard Möller, Lutz Bernstein, Ferdinand Kolberg: Schutzmaßnahmen gegen kompromittierende elektromagnetische Emissionen von Bildschirmsichtgeräten [Protective measures against compromising electromagnetic emissions from video display terminals]. Labor für Nachrichtentechnik, Fachhochschule Aachen, Aachen, Germany) and serial data cables (see Peter Smulders: The Threat of Information Theft by Reception of Electromagnetic Radiation from RS-232 Cables. Computers & Security vol 9 (1990) 53-58) have been described in the open literature. One common and expensive countermeasure is to fit metallic shielding to the device, the room, or the entire building (see Electromagnetic Pulse (EMP) and Tempest Protection for Facilities. Engineer Pamphlet EP 1110-3-2, 469 pages, U.S. Army Corps of Engineers, Publications Depot, Hyattsville, Dec. 31, 1990; and Deborah Russell, G. T. Gangemi Sr.: Computer Security Basics. O'Reilly & Associates, 1991, ISBN 0-937175-71-4).
Cross-correlation test methods suitable for verifying the effectiveness of such shielding have been described in Wolfgang Bitzer, Joachim Opfer: Schaltungsanordnung zum Messen der Korrelationsfunktion zwischen zwei vorgegebenen Signalen [Circuit arrangement for measuring the correlation function between two given signals]. German Patent DE 3911155 C2, Deutsches Patentamt, Nov. 11, 1993, and Joachim Opfer, Reinhart Engelbart: Verfahren zum Nachweis von verzerrten und stark gestörten Digitalsignalen und Schaltungsanordnung zur Durchführung des Verfahrens [Method for the detection of distorted and strongly interfered digital signals and circuit arrangement for implementing this method]. German Patent DE 4301701 C1, Deutsches Patentamt, May 5, 1994. Devices that generate a correlated jamming signal in order to make eavesdropping more difficult have been described in John H. Dunlavy: System for Preventing Remote Detection of Computer Data from TEMPEST Signal Emissions. U.S. Pat. No. 5,297,201, Mar. 22, 1994, and Lars Hoivik: System for Protecting Digital Equipment Against Remote Access. U.S. Pat. No. 5,165,098, Nov. 17, 1992.
The electromagnetic data-dependent signals generated by computers and emanated over the air, or via power supply and communication cables, are rather weak and distorted. In addition, if several computers are located in close proximity, their signals will be overlaid. The eavesdropper will therefore use various techniques to separate the signals of interest from the background noise before attempting further decoding (see Markus G. Kuhn, Ross J. Anderson: Soft Tempest: Hidden Data Transmission Using Electromagnetic Emanations, in David Aucsmith (Ed.): Information Hiding, Second International Workshop, IH'98, Portland, Oreg., USA, Apr. 15-17, 1998, Proceedings, LNCS 1525, Springer-Verlag, ISBN 3-540-65386-4, pp. 126-143). Periodic averaging is a very powerful noise elimination technique and can be applied to many signals of particular interest from computer systems that process confidential data. If the signal of interest s(t) has a known period T such that s(t)=s(t+T) most of the time, then the eavesdropper can reconstruct from the received noisy signal r(t)=s(t)+n(t), where n(t) is uncorrelated background noise, a noise-reduced estimate of the signal from a moving average:
$$\zeta(t) = \frac{1}{n_2 - n_1 + 1} \sum_{i=n_1}^{n_2} s(t + iT) \quad \text{for } 0 \le t < T$$
which has a significantly better signal-to-noise ratio than s(t).
Three periodic signals found in a typical computer may contain confidential information and are thus of particular interest to an eavesdropper:
1. The video display signal is generated by writing the content of the display frame buffer to the display with a period equivalent to the vertical refresh frequency of the cathode-ray tube, liquid crystal panel, or other display device.
2. A microcontroller or a specialized circuit in the keyboard applies voltages in succession to each row of a matrix circuit to which the keys are connected. Scanning the column lines for this voltage allows the microcontroller or specialized circuit to determine which key is currently pressed in order to report the appropriate key code word to the main processor (see Ed L. Sonderman, Walter Z. Davis: Scan-controlled keyboard, U.S. Pat. No. 4,277,780, Jul. 7, 1981). This scan cycle is repeated with high frequency to ensure that no key-press events are missed. The sequence of instructions executed in the scan loop often depends on which key is currently pressed. Therefore the precise shape of the emanations reveals information about key presses, and manually entered text may be reconstructed by an eavesdropper.
3. In most mass storage devices such as magnetic or magneto-optical discs, data is organized into storage tracks and a motor moves the head between them. After data has been read from or written to a track, the head usually remains located on that track until a request to access another track is received. During this time, the readout amplifier receives, amplifies and emits the data content of the storage track periodically, where the period is identical to the rotation time of the disk.
SUMMARY OF THE INVENTION
The present invention is a low-cost means of making it more difficult for an eavesdropper to gain knowledge about the data processed on a normal computer system that features standard components such as a video display, a keyboard and a hard disk. In its most general terms the present invention proposes that instead of, or in addition to, physical screening of an electronic system, the system should be designed or modified to reduce (or substantially eliminate) the generation of electromagnetic signals which are periodic or otherwise predictable.
Accordingly, the invention may be expressed as a method of obstructing the reconstruction of information contained in an electronic apparatus from electromagnetic emissions, by reducing the energy of certain periodic signals in electromagnetic emissions generated by the system and destroying the periodicity of residual signals or other signals.
These methods may involve only software or firmware changes in the computer system and can therefore be implemented at a much lower cost than the conventional techniques described above, in which electromagnetic radiation is reabsorbed after it has been generated (i.e. physical shielding). They may also be implemented using low-cost hardware devices. Whether they are implemented in software, firmware or hardware, these techniques can also be combined with traditional physical shields in order to provide an independent layer of protection against shield failure.
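The following simulation is an added example, not part of the patent text. It shows why the periodic averaging described in the background recovers a repeating waveform from heavy noise, and why breaking the periodicity removes that gain. The waveform, noise level, period length and the random idle gap used as jitter are assumptions constructed for the example; the average is taken over the received samples r(t + iT).

```python
import math
import random

T = 256          # samples per period (constructed value)
NOISE_SD = 4.0   # std. dev. of background noise n(t), 4x the signal amplitude

# Constructed waveform s(t) for one period: pseudo-random +/-1 levels.
_template_rng = random.Random(0)
TEMPLATE = [_template_rng.choice((-1.0, 1.0)) for _ in range(T)]

def emit(periods, jitter, rng):
    """Received samples r(t) = s(t) + n(t). Each repetition is preceded by a
    random idle gap of 0..jitter samples (assumed countermeasure); with
    jitter == 0 the emission is strictly periodic, s(t) == s(t + T)."""
    clean = []
    for _ in range(periods):
        clean.extend([0.0] * rng.randint(0, jitter))
        clean.extend(TEMPLATE)
    return [x + rng.gauss(0.0, NOISE_SD) for x in clean]

def periodic_average(r, periods):
    """Mean of r(t + i*T) over i = 0..periods-1, for 0 <= t < T."""
    return [sum(r[t + i * T] for i in range(periods)) / periods
            for t in range(T)]

def correlation(a, b):
    """Pearson correlation between two equal-length sequences."""
    ma, mb = sum(a) / len(a), sum(b) / len(b)
    num = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    den = math.sqrt(sum((x - ma) ** 2 for x in a) *
                    sum((y - mb) ** 2 for y in b))
    return num / den

def experiment(periods, jitter, seed=1):
    """How closely the averaged estimate matches the true waveform."""
    rng = random.Random(seed)
    estimate = periodic_average(emit(periods, jitter, rng), periods)
    return correlation(estimate, TEMPLATE)

if __name__ == "__main__":
    print("one sweep, periodic      :", round(experiment(1, 0), 2))
    print("400 sweeps, periodic     :", round(experiment(400, 0), 2))
    print("400 sweeps, random gaps  :", round(experiment(400, T), 2))
```

Averaging N periods reduces the noise standard deviation by a factor of sqrt(N), so the strictly periodic case converges on the waveform, while the jittered case averages misaligned copies and stays close to zero correlation.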
The general means of protection is to render signals more difficult for an attacker to recover using periodic averaging and cross-correlation techniques. Three specific methods are filtering out from periodic signals those spectral components that cause the highest levels of compromising radiation, spreading the spectrum of the
