Pointers on Historical Cryptanalysis

Ross Anderson Ross.Anderson at cl.cam.ac.uk
Tue, 05 Mar 2002 19:06:09 +0000


> Wright uses the term "radio illumination" in connection
> with ENGULF and STOCKADE. What does this term
> mean and what is its technology? Over what distance
> is it effective? How does this differ from TEMPEST
> technology?

See chapter 15 of my book, `Security Engineering'
<http://www.cl.cam.ac.uk/~rja14/book.html>.

Electronic equipment processing sensitive information may be
illuminated by radio signals, whether accidentally or on
purpose, and may retransmit a version of these signals that
is modulated by that information. The mechanism typically
involves a wire in the equipment that acts as an antenna at
the appropriate frequency, and is also terminated by a
nonlinear junction (such as a transistor) that is processing
the information.

According to declassified USAF documents, the codeword NONSTOP
is applied to the accidental modulation of RF by classified
data. It is the main emission security issue for ships and
aircraft.

I have come across three cases of deliberate radio illumination.
There's the bogus Great Seal of the United States, in the NSA
museum, which Soviet schoolchildren `made' and gave to the US
ambassador. He hung it in his study at home; the Soviets
illuminated it with microwaves; these were retransmitted from a
hidden cavity that acted as a microphone. The second case
involved the illumination of a (supposedly Tempest-certified)
word processor with 10GHz microwave, which penetrated the wire
mesh over the ventilator fan. The third involved special
apparatus to snoop on PC keyboards by illuminating the cable
with a radio signal at about 150MHz.

This is all written up at much greater length in the book.

Ross