We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

TEMPEST Radio Station

16
 Cite
 Share
 Download
 Purchase
No logo availableDEF CON
 Hameiri, Paz

Formal Metadata

Title
TEMPEST Radio Station
Title of Series
Number of Parts
84
Author
License
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
TEMPEST is a cyber security term that refers to the use of electromagnetic energy emissions generated by electronic devices to leak data out of a target device. The attacks may be passive (where the attacker receives the emissions and recovers the data) or active (where the attacker uses dedicated malware to target and emit specific data). In this talk I present a new side channel attack that uses GPU memory transfers to emit electromagnetic waves which are then received and processed by the attacker. Software developed for this work encodes audio on one computer and transmits it to the reception equipment positioned fifty feet away. The signals are received and processed and the audio is decoded and played. The maximum bit rate achieved was 33kbit/s and more than 99% of the packets were received. Frequency selection not only enables maximization of signal quality over distance, but also enables the attacker to receive signals from a specific computer when several computers in the area are active. The software developed demonstrates audio packets transfers, but other types of digital data may be transmitted using the same technique. REFERENCES: Eck W. “Electromagnetic radiation from video display units: an eavesdropping risk?” Computers and Security, 4, no. 4: 269-286, 1985. Kuhn, M. G., and Anderson, R. J. Soft. “Tempest: Hidden Data Transmission Using Electromagnetic Emanations.” In Information Hiding (1998), ed. D. Aucsmith, vol. 1525 of Lecture Notes in Computer Science, (Springer): 124–142. Thiele, E., “Tempest for Eliza.” 2001. http://www.erikyyy.de/tempest/. Kania B., “VGASIG: FM radio transmitter using VGA graphics card.” 2009. http://bk.gnarf.org/creativity/vgasig/vgasig.pdf. Guri M., Kedma G., Kachlon A., Elovici Y. “AirHopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies.” In Malicious and Unwanted Software: The Americas (MALWARE), 2014 9th International Conference on IEEE, 2014: 58-67. 2pkaqwtuqm2q7djg,"OVERCLOCKING TOOLS FOR NVIDIA GPUS SUCK, I MADE MY OWN". 2015. https://1vwjbxf1wko0yhnr.wordpress.com/2015/08/10/overclocking-tools-for-nvidia-gpus-suck-i-made-my-own/ nvapioc project: https://github.com/Demion/nvapioc SDRplay API Specification v3, https://www.sdrplay.com/docs/SDRplay_API_Specification_v3.pdf Simon Rockliff's Reed-Solomon encoding-decoding code at http://www.eccpage.com/rs.c