资源描述:
《Chapter 17 Emission Security》由会员上传分享,免费在线阅读,更多相关内容在学术论文-天天文库。
1、CHAPTER17EmissionSecurityThehumofeitherarmystillysounds,ThatthefixedsentinelsalmostreceiveThesecretwhispersofeachothers’watch;Fireanswersfire,andthroughtheirpalyflamesEachbattleseestheother’sumbredface.—WilliamShakespeare,KingHenryV,ActIV17.1IntroductionEmissionsecurity,
2、orEmsec,isaboutpreventingattacksusingcompromisingemanations,namelyconductedorradiatedelectromagneticsignals.Ithasmanyaspects.MilitaryorganizationsaregreatlyconcernedwithTempestdefenses,whichpreventthestrayRFemittedbycomputersandotherelectronicequipmentfrombeingpickedu
3、pbyanopponentandusedtoreconstructthedatabeingprocessed.Tempesthasrecentlybecomeanissueforelectronicvotingtoo,afteraDutchgroupfoundtheycouldtellatadistancewhichpartyavoterhadselectedonavotingmachine.Thesmartcardindustryhasbeengreatlyexercisedbypoweranalysis,inwhichacom
4、putationbeingperformedbyasmartcardsuchasadigitalsignatureisobservedbymeasuringthecurrentdrawnbytheCPUandthemeasurementsusedtoreconstructthekey.Thesethreatsarecloselyrelated,andhaveanumberofcommoncountermeasures.Researchershavealsodiscoveredattacksthatexploitstrayoptic
5、al,thermalandacousticemanationsfromvariouskindsofequipment.Suchtechniquesarealsoreferredtoassidechannelattacksastheinformationisleakingthroughachannelotherthanthosedeliberatelyengineeredforcommunication.523524Chapter17■EmissionSecurityPeopleoftenunderestimatetheimport
6、anceofEmsec.However,itseemsthattheworldsmilitaryorganizationsspentasmuchonitasoncryptographyduringthelastquarterofthetwentiethcentury.Inthecommercialworld,theuptakeofsmartcardswasmateriallysetbackinthelastfewyearsofthatcenturybytherealizationthatallthesmartcardsthenon
7、themarketwereextremelyvulnerabletosimpleattackswhichrequiredtheattackeronlytotrickthecustomerintousingaspeciallyadaptedterminalthatwouldanalyzethecurrentitdrewduringasmallnumberoftransactions.Theseattacksdidnotinvolvepenetratingthecardandthusmightleavenotrace.Oncefield
8、ed,theywereverymuchcheaperthanprobingattacks,andpotentiallyallowedlarge-scalecard-cloningattacksagainstanunsuspectingcardhol
