Tempest: Magnitude of threat and mitigation techniques

Information interception and code deciphering for accomplishing varied needs by enemy nations, rival groups/individuals and sometime even peers, has been in existence probably over the centuries, though the techniques or methodology employed has seen a paradigm shift due to the ever advancing technologies. In this age of information warfare and information technology, wars will be decided on sheer basis of information superiority and control. This is true for both, conventional wars using newer technologies or economic war which is the current buzz word for most nations worldwide. Over the decades, there has been extensive study that has altered the approach not only towards highly hardened electronic/ data security measures, but also towards newer data interception techniques. One technique now becoming prevalent is the remote interception of data from high speed, high security networks. High performance and highly sensitive receiver systems with the ability to "listen" to almost any form of communication are commonly available over the counter from a varied number of sources at highly affordable prices depending of course, on the feature, complexity and reliability desired of such equipment. Such devices range from simple receivers costing few hundred dollars, to highly expensive set-ups that employ microwaves and lasers for the interception of almost any signal in the spectrum. These devices, often loosely referred to as "TEMPEST" devices, certainly pose a severe threat not only to the high security defence networks, but also to the arena of Intellectual Protection Rights (IPR) of research organisations, mega companies and technological giants. TEMPEST, originally a US Government code word identifies a classified set of standards for limiting electric or electromagnetic emanations from electric, electronic, electro-mechanical or electro-optical equipments. The paper concentrates on the vulnerability of computer systems to spurious emanations which can be intercep- ted and reconstructed thereby disclosing information non-intentionally. It looks at the possible defensive and protective measures that can be implemented to make a TEMPEST hardened computer system. The paper essentially seeks to raise these important issues, and it also provides outlines of possible approaches to tackling the problems identified. The issues being considered are the ones directly affecting the hardware designs, shielding concepts and other protective measures that can be implemented to achieve the desired results. This Technical Paper covers the aspect of the effects of leakage of undesired EM radiations from computer systems and provides guidelines for the suppression techniques and methods to achieve TEMPEST hardening in computer design.