Side-Channel Attack and TEMPEST Certification Program (TCP)

The Visual Microphone: Passive Recovery of Sound from Video

Side-Channel Attack

In computer security, a side-channel attack is any attack based on extra information that can be gathered because of the fundamental way a computer protocol or algorithm is implemented, rather than flaws in the design of the protocol or algorithm itself (e.g. flaws found in a cryptanalysis of a cryptographic algorithm) or minor, but potentially devastating, mistakes or oversights in the implementation. (Cryptanalysis also includes searching for side-channel attacks.) Timing information, power consumption, electromagnetic leaks, and sound are examples of extra information which could be exploited to facilitate side-channel attacks.

Source: Wikipedia

TEMPEST Certification Program

TEMPEST is a U.S. National Security Agency specification and a NATO certification referring to spying on information systems through leaking emanations, including unintentional radio or electrical signals, sounds, and vibrations. TEMPEST covers both methods to spy upon others and how to shield equipment against such spying. The protection efforts are also known as emission security (EMSEC), which is a subset of communications security (COMSEC).

Source: Wikipedia

The TEMPEST Certification Program (TCP) consists of three closely related NSA programs: the Certified TEMPEST Products Program, the Certified TEMPEST Test Services Program, and the Zoned Equipment Program. Each of these programs involves partnerships with industrial companies.

Source: NSA


Signal, Data, and Modulation

Modulation Schemes (Credit: Dr. Jan Noordhof)
Modulation Schemes

Signal, as a waveform, is the carrier of data. By alternating amplitude, frequency, phase, or any combination of them, the modulation process synthesizes the signal (as the carrier wave) and the data (as an input wave) and generates the modulated result. Modulation can be analog or digital.

Digital Modulation

Data Element vs Signal Element
Data Element vs Signal Element (Credit:

There are many types of digital modulation techniques, for example:

  • ASK – Amplitude Shift Keying
  • FSK – Frequency Shift Keying
  • PSK – Phase Shift Keying has more.


A Router’s Layered Architecture and Software-Defined Technologies

Data, Control, and Management Plane

A router is a device that forwards packets across various networks based on the routing table, which informs the decision of path selection per the distance-vector, link-state, or other criteria. A router is typically designed based on a layered architecture that isolates operations, such as data forwarding, route control, and system management so that they won’t interfere with one another.

A layer that shares common design concerns is also known as a plane in the architecture of a Cisco router; that is, the data plane, control plane, and management plane. The planes can be centralized, decentralized, or hybrid. A legacy router typically centralizes the data, control, and management planes. A Software-Defined Network (SDN) decentralizes the control plane to one or more standalone hosts called controllers. A hybrid approach employs controllers and keeps the control plane on discrete routers for performance and availability.

Continue reading