Week 9: Physical and environmental security

Question 1

Give an example of a compromising emanation involving unintentional signals.

Answer 1

Unintentional signals that, if intercepted and analysed, would disclose the information transmitted, received, handled, or otherwise processed

Question 2

What is Emission Security?

Answer 2

Preventing attacks using compromising emanations

Question 3

What are side-channel attacks?

Answer 3

attacks that exploit stray optical, thermal and acoustic emanations from various kinds of equipment

Question 4

What are the two types of side-channel attacks?

Answer 4

Passive and active attacks

Question 5

What is a passive side-channel attack?

Answer 5

: The opponent makes use of electromagnetic signals. E.g.:
leakage through power and signal cables,
leakage through radio frequency (RF) signals

Question 6

What is an active side-channel attack?

Answer 6

The compromising emanations are hostilely induced or provoked. E.g.:
Tempest viruses,
“Nonstop”
“Glitching” and Differential Fault Analysis (in smartcards)

Question 7

What is Black Equipment

Answer 7

A term applied to equipment that processes only unclassified and/or encrypted information.

Question 8

What is black line?

Answer 8

An optical fibre or a metallic wire that carries a black signal or that originates/terminates in a black equipment or system.

Question 9

What is Red Equipment?

Answer 9

A term applied to equipment that processes unencrypted information (NSI) that requires protection during electrical/electronic processing

Question 10

WHat is Red Line?

Answer 10

An optical fibre or a metallic wire that carries a red signal or that originates/terminates in a red equipment or system.

Question 11

What is a red-side processor?

Answer 11

responsible for cryptographic functions

Question 12

What is a black side processor?

Answer 12

responsible for communication stacks and drivers

Question 13

There is an NSA specification and NATO certification for protecting equipment, why arent they revealed

Answer 13

Classified

Question 14

In 1981, what did NATO agree on?

Answer 14

agreed on a scheme to have vendors offer approved TEMPEST products for sale to NATO countries

Question 15

What does the NSA specification factors include?

Answer 15

distance, shielding, filtering and masking

Question 16

What is inspectable space?

Answer 16

The space surrounding equipment that processes classified or sensitive information within which exploitation is not practical or legal authority to identify and/or remove a potential exploitation exists.

Question 17

What is Uncontrolled Access Area?

Answer 17

The space in and around a building where no personnel access controls are exercised.

Question 18

What is TEMPEST Certified Equipment or System?

Answer 18

Equipment or systems that have complied with the US requirements of NSTISSAM TEMPEST/1-92 Level I or previous editions.

Question 19

What is a recommendation from tempest?

Answer 19

50cm between red processor and black
wires
equipment
power lines

Question 20

What is a method of cable protection?

Answer 20

Optical fibre does not emit electromagnetic energy.
Eavesdropping would require physical access to the fibre (difficult to occur undetected)

Cables can be manufactured in an intruder-resistant interlock armor, using steel or aluminium spiral wraps with UV-resistant sheath.

Secure connectors can help mixed-use facilities to keep systems separate

In the case of copper, crosstalk can be further minimised with a foil shield.

Question 21

What is Stingray?

Answer 21

Stingray is an example of an active attack, in which a fake base station tricks nearby phones to authenticate with them instead of a real base station (for which the signal would be weaker)