The Journal of Korean Institute of Electromagnetic Engineering and Science (한국전자파학회논문지)

The Korean Institute of Electromagnetic Engineering and Science (한국전자파학회)
권호 표지
DOI QR코드

DOI QR Code

Analysis on the Vulnerability of Information Leakage through Electromagnetic Emanations from PC Keyboard

키보드 누설 방사에 의한 정보 누설 취약성 분석

  • 이대헌 (한국전자통신연구원 부설 국가보안기술연구소) ;
  • 황인호 (한국전자통신연구원 부설 국가보안기술연구소)
  • Published : 2007.01.31
Download PDF
⟨ Previous Next ⟩

Abstract

In this paper, we analyzed the vulnerability of information leakage due to the leakage electromagnetic waves of a PC keyboard. First, we reviewed the keyboard protocol and hardware structure, we analyzed the correlation between the data signal, which is transmitted from the keyboard to the main body, and the leakage signal on the power cable. With the result, we grasped the cause of the Conducted Emission of a PC keyboard. Also, we compared the limit level of the CISPR 22 standard with the amplitude of the keyboard leakage electromagnetic waves we calculated. By analyzing the signal on the power cable of the PC main body through the simple experiment, we show that it is possible to extract the contents of the PC key. Therefore it is verified that the secret information of the PC user could leak out.

본 논문에서는 PC 키보드의 누설 전자파에 의한 정보 누설 취약성을 분석하였다. 먼저 키보드 프로토콜과 하드웨어 구조를 살펴보고, 키보드에서 PC 본체로 전송되는 데이터 신호와 본체 전원선에 누설된 신호 사이의 상호 관계를 분석함으로써 키보드 전도성 방사의 원인을 파악하였다. 또한 키보드 누설 전자파의 크기를 계산하고 CTSPR 22 규격의 허용 레벨과 비교하였다. 간단한 실험을 통하여 PC본체 전원선의 신호를 분석하여 키보드 글쇠 내용을 얻을 수 있음을 보임으로써, PC 사용자의 중요 정보가 누설될 수 있음을 확인하였다.

Keywords

References

  1. Wim van Eck, 'Electromagnetic radiation from video display units: an eavesdropping risk', Computers & Security, vol. 4, pp. 269-286, 1985 https://doi.org/10.1016/0167-4048(85)90046-X
  2. M. G. Kuhn, 'Compromising emanations: eavesdropping risks of computer displays', Technical Report UCAM-CL-TR-577, Computer Laboratory, University of Cambridge, 2003
  3. National Security Agency, 'NACSIM 5000 TEMPEST Fundamentals', Fort George G. Meade, Maryland, Partially declassified transcript: http://cryptome. org/nacsim-5000.htm., Feb. 1982
  4. D. Asonov, R. Agrawal, 'Keyboard acoustic emanations', IEEE Symposium on Security and Privacy, pp. 3-11, 2004
  5. Joe Loughry, David A. Umphress, 'Information leakage from optical emanations', ACM Transactions on Information and System Security, vol. 5, no. 3, pp. 262-289, Aug. 2002 https://doi.org/10.1145/545186.545189
  6. Ross J. Anderson, Markus G. Kuhn, 'Soft tempest - an opportunity for NATO', Proceedings of Protecting NATO Information Systems in the 21st Century, IST Symposium, Washington D.C., U.S.A., Oct. 1999
  7. Eiji Sakai, Koosuk Harada, 'A new synchronous rectifier using bipolar transistor drivern by current transformer', IEEE Telecommunications Energy Conference INTELEC '92 14th International, pp. 424-429, 1992