A group of researchers from the Department of Computer Science at Tel Aviv University have had increasing success in revisiting an old technique but with a new twist. They have been using electromagnetic radiation from laptops to recover encryption keys. The hardware required (software defined radio: SDR) is very cheap - you can buy a SDR dongle for less than £30. The knowledge of how to exploit it has been published in a series of papers, the latest of which has just been issued and is due to be presented at cryptographers track at the RSA conference on 3rd March.
Without wishing to seem facetious, many years ago governments recognised that computers contains electrons that were accelerating around the equipment, and basic physics tells you that any time an electron moves it radiates electromagnetic waves. When this was first mooted as a possible way to recover information remotely from computers many thought those discussing it were, frankly, bonkers. Imagine their surprise when it was demonstrated that the contents of an old-style cathode ray tube (CRT) screen could be displayed some distance away. It was at that point that NATO countries developed a standard called TEMPEST. And even that wasn't completely new as Bell Labs had noted in World War II that 75% of plaintext could be recovered from teleprinters from over 20 metres away.
The TEMPEST standards are still used today. It has continued to evolve, no longer simply looking at electromagnetic emanations from equipment but also increasingly considering other forms of side channel attack such as sensors in smartphones being used to infer keystrokes.
