gr-tempest : an open-source GNU Radio implementation of TEMPEST
Resumen:
Like all time-varying voltage and current, a video interface connecting a PC to its monitor emits electromagnetic waves. The attack commonly known as TEMPEST (or Van Eck Phreaking) consists in receiving this signal and inferring the image being displayed on the monitor; that is to say, pointing an antenna to a PC and spying the monitor. This is a particularly interesting application for Software Defined Radio (SDR), as it requires modeling the signal and implementing a custom receiver. However, and although the first public demonstrations date back to the mid-80s by Wim Van Eck, no open-source implementation was available until Martin Marinov's TempestSDR was published in 2014. TempestSDR consists of a module written in C that takes care of the signal processing, plug-ins for various models of SDR hardware, and a Java-based GUI. This results in a multi-platform software that, although functional, it is difficult to extend or tweak. For instance, new plug-ins have to be written for new SDR hardware, or including filters or other DSP blocks in the signal's flow is not straightforward at all. To remedy this we developed gr-tempest, an open-source GNU Radio-based implementation of TEMPEST (available at https://github.com/git-artes/gr-tempest). This is an on-going project whose objective is to enable simpler experimentation by taking advantage of GNU Radio's functionalities and support. We describe the mathematical principles behind the TEMPEST attack and present how grtempest works. Furthermore, we show several real-world examples including both VGA and HDMI, and the fundamental differences between both types of signals. Finally, some of the advantages of using GNU Radio's framework are showcased by introducing modifications to the DSP chain that allows significant improvements of the resulting image with respect to the original method used in TempestSDR.
2022 | |
Este trabajo fue parcialmente financiado por la NSF (fondo CCF-1750428 y ECCS-1809356) | |
Image quality Receiving antennas Voltage Signal processing Rendering (computer graphics) Hardware Software Side-channel attack Eavesdropping attack Compromising emanations Software defined radio |
|
Inglés | |
Universidad de la República | |
COLIBRI | |
https://hdl.handle.net/20.500.12008/36505 | |
Acceso abierto | |
Licencia Creative Commons Atribución - No Comercial - Sin Derivadas (CC - By-NC-ND 4.0) |
Sumario: | Trabajo presentado y publicado en 2022 Asian Hardware Oriented Security and Trust Symposium (AsianHOST), Singapore, Singapore, 14-16 dec. 2022, pp. 1-6. |
---|