Ross Anderson s book Security Engineeringorrd/CompSecSeminar/2016/Chapter17-Alex.pdf · voting...
-
Upload
nguyenkhanh -
Category
Documents
-
view
216 -
download
0
Transcript of Ross Anderson s book Security Engineeringorrd/CompSecSeminar/2016/Chapter17-Alex.pdf · voting...
Emission security is the field which has to do with emissions
What are emissions?
Emissions are the act of producing or sending out something (such as energy or gas) from a source, in our case, Radio waves, heat, sound and electricity
Definition: In electronics, crosstalk is any phenomenon by which a signal transmitted on one circuit or channel of a transmission system creates an undesired effect in another circuit or channel. –wikipedia
Problem:
When telephones where new, phone lines would be stacked one on top of each other causing a lot of crosstalk
Solution:
Transposing the positions of the cables between every post turned the cabling into simple twisted pairs, reducing the problem significantly
During the first world war, field phones used by the British used “earth return” circuits, effectively halving the amount of wire required
Fun part: in 1914 the British were entrenched in the mud of Flanders (Belgium). Earth-leakage caused a lot of crosstalk, the Germans could listen in on British communications
More fun: in 1915 the use of (valve) amplifiers made the problem worse by extending the range at which emanations could be pick up.
These were made worse by the abandoned cabling in no-man’s land
To solve these issues the British switched to shielded twisted pair cabling and abolished the use of earth return anywhere near the front lines
During the 60’s, the British decided to spy on a French embassy
The embassies traffic (phone) was encrypted
Fun part: The Brits noticed that the encrypted traffic from the embassy carried a second faint signal
More fun: After constructing a device that captures this second signal, it was discovered that this signal was the plaintext which somehow leaked through the cipher machine
In 1985, a Dutch scientist by the name of Wimvan Eck published a paper explaining how he managed to reconstruct an image from a screen on a modified TV from a distance
Old screens produced enough emanations that they could be picked up from meters away, even through walls
Turns out that modern screens are also susceptible to such attacks!
In the following demonstration you will see a specially crafted video that makes the captured emanations, on a simple AM radio, play a tune.
in 2006 a Dutch group opposing electronic voting demonstrated an attack that let them eavesdrop on the voting machine from several tens of meters away
Several solutions were proposed:
Shielding the machine
Putting the machine in the middle of a larger perimeter
A software solution
Researchers found that the captured emanations were mostly the high frequencies of the image (outer parts in Fourier domain)
So they removed the top 30% of the frequency domain with a low pass filter
Keyboard keys make distinct enough sounds that, given a known keyboard, an attacker can know what has been typed from an audio recording
Modern attacks are so advanced that it is possible to map a keyboard by listening to some one type in English for 10 minutes
Problem: By bouncing a laser off of a window and studying the return, it is possible to get the audio from the room at great distances
Solution I: do not have windows.
Solution II: break line of sight to the build
Problem: If you hook up a high-performance photomultiplier tube to an oscilloscope it is possible to reconstruct an image from the diffuse reflection of a screen on some ones’ shirt/face. Now hook that up to a telescope…
Solution I: do not have windows or put blinds on them
Solution II: break line of sight to the building!
Most communication devices, such as modem and routers, have status LEDs
Many companies power these LEDs directly from the data line….
In 1945 the soviets gave the US Ambassador to Moscow a replica of the great seal of the united states
Inside the seal was hidden a resonant cavity microphone
The resonant frequency was changed by a diaphragm
Attached was a small antenna
When the antenna was “illuminated” (blasted with microwaves) at the right frequency it would broadcast, at a higher frequency.
The thing was discovered to be a bug in 1951
The thing was designed by Léon Theremin
By connecting to the power rails of a smart card, an attacker can learn a lot about the card
Logic
Writes
Some sophisticated defenses include:
Adding a random operation every ~64 cycles
making the internal clock only loosely connected to the external clock and changing the internal speed every ~64 cycles
In Britain of the 1960’s, TV detector vans roamed the streets catching stray RF from TVs in homes to find “TV Tax” evaders
Today, malls, radio stations and other car park operators monitor what incoming cars have their radios tuned to for marketing purposes
If its powered, it emanates
If it is not powered, it might interfere with emanations in interesting ways
If you fart in the forest a TLA* knows what
you ate for lunch.
*TLA-Three Letter Agency
-4 -2 02 4
-
1. 0
-
0. 5
0. 0
0. 5
1. 0
Chicken-chicken chicken chicken (ch)
Ch
icken
ch
icken
(ch
^2/c
h)
0.0 0
0.0 5
0.1 0
0.1 5
0.2 0
Ch
.
Ch
icken
/ch
ick
en
(ch
/ch
)
c = -1.27
chicken
chicken
chicken
Chicken chicken chicken chicken/chicken (chicken)
Chicken 2 Chicken chicken chicken, chicken chicken, chicken chicken chicken chicken,
chicken chicken chicken chicken.
icken chicken chicken chicken chicken chicken chicken. Chicken chickenschicken chicken chicken chicken chicken chicken-chicken chicken chickenChicken p. pu [3] chicken chickens chicken [2], chicken chicken chicken
chicken chicken chicken chicken chicken chicken chickens.
Chicken chicken chicken—chicken chicken chicken chicken chi- cken,chicken chicken chicken chicken chicken chicken chicken chicken chickenC(log n) [2]. Chicken p. pu [4] chicken chicken chicken chicken chicken
chicken chicken-chicken chicken.Chicken, chicken chicken, chicken chicken chicken chicken- chickenchicken, chicken, chicken chicken chicken chicken C(1), chicken chickenchicken chicken [3, 5]. Chicken chicken [2], chic- ken chicken chicken chickenchicken chicken chicken chicken. Ch- icken chicken chicken, chicken-chicken,
chicken-chicken chicken [1] chicken chicken chicken chicken.
3Chicken
Chicken chicken chicken chicken, chicken chicken chicken chic- ken chickenchickens chicken chicken chickens. Chicken chicken chicken 1. Chickenchicken chicken chickens chicken; chicken ch- icken chicken. Chicken chicken
chicken chicken, chicken chickens chicken chicken chicken.
Chicken chicken chicken chicken chicken chicken chicken chicken chickenchicken chicken. Chicken, chicken chicken chicken chi- cken chickenchicken chicken. Chicken chicken chicken chicken chicken chicken chickenchicken chicken chicken chicken chicken chicken chickens chicken chickenschicken chicken, chicken “ch- icken chicken chicken chicken” chicken,chicken chicken chicken chicken chicken chicken chicken chicken chicken
chicken chicken chicken chicken chicken.Chicken, chicken chicken chicken:
K(E) = 1kc + 2kin + 3kin+1 (1)
chicken
(c, h, i) SK(c, h, i) =K (c, h, i)
Ki(c, h, i)e
0110110011
{0010111011
01101
10011
00101
11011
01101
10011
00101
11011
chicken{
chicken
chicken
}
chicken
chicken
ch $c0 c
$c3,4 chk
$c3
ch $c1,$0
ch $c2,$0
...
chicken{
chicken
chicken
}
chicken
chicken
chicken chicken
chicken CCC/CCC
chicken
chicken chicken
Chicken chicken:
chickens {
Chicken chicken
chickens:
chicken, chicken {
Chicken chicken:
chickens
chicken
chickenchicken
chicken,
chickens
Chicken 3 Chicken chicken chicken, chicken chicken-chicken chickens chickens.
Chicken chicken CCC chicken, chicken cc2 . Chickens
hchickens chickens chickens. Chicken chicken, chickens chicken ch- icken
chicken chckens. Chicken chicken chicken chicken chicken c chicken chickens
chicken, chicken chickens chickenschicken
chickens hˆ Ei .
Chicken, chicken chicken, chicken chicken chicken
C(K) =nn
i=1i=1
(Ki) =2K(H )Ei i
2(2)
Chicken, chicken chicken chicken chicken chicken chicken chicken chickenchicken chicken chicken chicken. Chicken chicken chicken chicken chickenchicken chicken-chicken chicken chicken chicken. Chicken, chicken chickenchicken chicken chicken chicken chic- ken, chicken chicken chicken chicken.Chicken chicken, chicken chicken chicken chicken chicken chicken chickenchicken chicken chicken chicken chicken chicken, chicken chicken chicken
chicken.Chicken chicken chicken chicken, chicken chicken chicken chic- ken chickenchickens chicken chicken chicken chicken chicken ch- icken chicken chickenchicken chickens chicken chicken chicken chicken. Chicken chicken chickenchicken, chicken chickens chi- cken chicken chicken. Chicken chickenchicken chicken chicken, chicken chicken, chicken chicken chicken chicken,chicken chic- ken chicken chicken. Chicken, chicken chicken chickenchicken. Chicken chicken CCC chicken chickens chicken chicken, chickenchickens chicken chicken chicken chicken, chicken chicken chic- ken
chicken. Chicken chicken chicken chicken—chicken chicken
chicken chicken/chicken
chickens chickens,
chickens
chickens,
chickens,
chickens