Saturday, August 6, 2011


 on  with No comments 
Here's another classic from the vault.  A paper on the relationship between TEMPEST and SIGINT that I wrote for a class.

TEMPEST is a codename used by the United States Military which originally referred to a classified program which studied emission security (or EMSEC) and attempted to develop technologies and standards to be used in combating these emissions. This work can be traced back to World War I where German troops were able to intercept and listen in to enemy voice transmissions from the ground due to poorly insulated cabling used by allied phone lines. Like many classified military projects, TEMPEST is based on a random dictionary word rather than being an actual acronym. Despite the origin of the word, many attempts at fitting the word into an acronym have been made, the most commonly used one being Transient Electromagnetic Pulse Surveillance Technology.

The first test standards were defined in “NAG1A” and “FS222” in the 1950’s. In 1970, a revision titled “National Communications Security Information Memorandum 5100: Compromising Emanations Laboratory Test Standard, Electromagnetics” was created, followed by “NAC-SIM 5100A” in 1981, which sets the requirements. National Communications Security Committee Directive 4 currently sets the standards for TEMPEST in the United States. Other nations and organizations have similar documents defining their standards and requirements. For example, the NATO standard is defined by “AMSG 720B.” One thing that these and other documents relating to the TEMPEST program have in common is that they are all classified.

Sensitive information systems require intensive metallic shielding to prevent emissions from escaping. Individual devices, interconnecting cables and even entire rooms or buildings must be properly shielded. Within this shielded environment, there is a red/black separation employed. Red equipment is used to process confidential data, while black equipment is used to process unclassified data. Red equipment must remain isolated from black equipment.

The TEMPEST standards define three categories of approved devices. Type 1 is the most secure, but is only available to the US government and contractors that it approves. Type 2 is less secure, but its use still requires government approval. Type 3 is approved for commercial use by entities outside of the government. There is also a newer standard, known as ZONE, which is less secure than Type 3 equipment, but is still effective and is much more affordable.

SIGINT, or signals intelligence, is claimed to be the exclusive domain of the National Security Agency (more commonly referred to as the NSA), by the NSA. It is the type of intelligence that deals specifically with transmissions from the voice communications, radars, weapons systems, and the like of enemies of the United States. The NSA states the mission of SIGNINT is limited to the gathering of information about foreign nations, groups or individuals, as well as terrorists that operate internationally. The NSA lists its customers of this intelligence as “all departments and levels of the United States Executive Branch” . While the NSA claims exclusivity to SIGINT, every branch of the government from the FBI to Navy SEALS whose role is driven by intelligence utilizes SIGINT in function if not in title.

SIGINT can also be preventing communications. For example, Egypt shut off all Internet access within its borders earlier this year. The global routing table, used to direct all traffic across the Internet, had nearly every route to Egypt removed . A month later, it was reported that satellite phone communications handled by Thuraya Satellite Telecommunications Co. were being jammed within Libya. This was in direct response to protest and unrest similar to that in Egypt . Similar is China’s attempts to continually censor the Internet and control what comes over the wire into its borders.

SIGINT is related to TEMPEST and EMSEC in that they fall on the opposite sides of a transmission. The organization sending and receiving the transmission utilizes TEMPEST/EMSEC techniques to secure the transmission, while the opposition uses SIGINT technologies in order to overhear the transmission. In Information Assurance, we work to preserve the confidentiality, integrity, and availability of data. TEMPEST/EMSEC is another method of ensuring the confidentiality of data. It is a counter to SIGINT, which attempts to violate the confidentiality of data. While these concepts began as government projects and most of what they’ve learned remains classified, the theory behind them can be applied anywhere that sensitive data is stored, processed or transmitted.


Post a Comment

Discuss this post!