Abstract

The problem of information leakage through electromagnetic waves for various devices has been extensively discussed in the literature. Conventionally, devices that are under such a threat suffer from potential electromagnetic information leakage during their operation. Further, the information inside the devices can be obtained by monitoring the electromagnetic waves leaking at the boundaries of the devices. The leakage of electromagnetic waves, however, was not observed for some devices, and such devices were not the target of the threat discussed above. In light of this circumstance, this paper discusses an “interceptor” that forces the leakage of information through electromagnetic waves, even from devices in which potential electromagnetic leakage does not occur. The proposed interceptor is a small circuit consisting of an affordable semiconductor chip and wiring, and it uses electromagnetic waves irradiated from outside the device as its driving energy. The distance at which information is obtained is controlled by increasing the intensity of the irradiated electromagnetic waves. The paper presents the structure of the circuit for implementing the proposed interceptor to be used in major input–output devices and cryptographic modules, mounting a pathway designed on the basis of the construction method onto each device. Moreover, it is shown that it is possible to forcefully cause information leakage through electromagnetic waves. To detect the aforementioned threat, the paper also focuses on the changes in a device itself and the surrounding electromagnetic environment as a result of mounting an interceptor and considers a method of detecting an interceptor by both passive and active monitoring methods.

Highlights

  • The performance of consumer measurement devices and the speeds of computational resources have improved, while memory device capacities have become larger in recent years, facilitating statistical analyses of data observed over a long period of time

  • Various information-containing and ubiquitous devices have been examined for the analysis and procurement of leakage signals via EM radiation, including cathode-ray tube (CRT) and liquid-crystal display (LCD) monitors [VE85, Kuh02, Kuh04, Kuh05, Kuh13, SS07, SS08, Sek10, SS13, TYF11, SJY14], touchscreen monitors [HHM+14], information printed by printers [TTY+06], key data input from keyboards

  • Their structure is similar to radio frequency (RF) identification (RFID) [Leh12], which requires a special external antenna to communicate with outside devices

Summary

Introduction

The performance of consumer measurement devices and the speeds of computational resources have improved, while memory device capacities have become larger in recent years, facilitating statistical analyses of data observed over a long period of time. If there exist no coupling paths or unexpected antenna structures in the device, the EM waves that contain information do not propagate as far as the attacker, who is at a distance. The proposed interceptor covers both analog and digital signals and leaks information outside devices by using a physical structure inside the devices, such as the antenna. A circuit with a concept similar to that of the interceptor proposed in this study appears in the NSA ANT catalog [Wik]; actual examples are provided in the NSA Playset, which contains a radio frequency (RF) retroreflector [Oss14][Oss15], and a Green Bay Professional Packet Radio (GBPPR) project [Proa][Prob][Proc]. Their structure is similar to RF identification (RFID) [Leh12], which requires a special external antenna to communicate with outside devices.

Scenarios in which an interceptor is installed on a device
Structure of an interceptor and the principles of leakage
Selection of a FET to match targeted information
Driving the interceptor and the reception method for leaked signals
Case study
Transmission-and-reception system used in the experiment
Experimental procedure
Signals inside the targeted USB keyboard
Experimental environment
Acquisition of information using the interceptor
Targeted side-channel signal
Circuit of the interceptor and its implementation
Experimental environment and parameters
Targeted video signals
Targeted sound signal
Acquisition of information by the interceptor
Detection method for the interceptor
Conclusions