At 03:20 AM 7/23/96 -0400, Rabid Wombat wrote:
Doesn't that make it vulnerable (detectable) to Tempest attacks?
No. Transmitting light via fiber doesn't emit EM. Anyway, the original post, as I recall, was about keeping sensitive data on a second hard drive, connected via (very thin, therefore harder to notice) fiber. Tempest monitoring was not a factor.
It occurs to me that a bare fiber could actually be (randomly) hung across treetops, roofs, power lines, and various other structures, over a many-block distance in suburban areas. Such a fiber wouldn't be protected very well, but it would probably last a few months. It would also be exceedingly hard to find its terminations, and tracing it would be a real pain. (It probably wouldn't be visible against a bright sky more than a meter or two away.) Jim Bell jimbell@pacifier.com
On Tue, 23 Jul 1996, jim bell wrote:
At 03:20 AM 7/23/96 -0400, Rabid Wombat wrote:
Doesn't that make it vulnerable (detectable) to Tempest attacks?
No. Transmitting light via fiber doesn't emit EM. Anyway, the original post, as I recall, was about keeping sensitive data on a second hard drive, connected via (very thin, therefore harder to notice) fiber. Tempest monitoring was not a factor.
It occurs to me that a bare fiber could actually be (randomly) hung across treetops, roofs, power lines, and various other structures, over a many-block distance in suburban areas. Such a fiber wouldn't be protected very well, but it would probably last a few months. It would also be exceedingly hard to find its terminations, and tracing it would be a real pain. (It probably wouldn't be visible against a bright sky more than a meter or two away.)
It also would have little structural integrity - if you attached it to trees, which sway in the wind, you'd have a broken fiber in a short time. (The fiber doesn't even need to break, per se; microscopic cracking, usually at the cladding, will ruin your fiber) (bird strikes would also be a big problem, mostly for the bird) Fiber optic cable usually has a kevlar sheath, and exterior aerial grade fiber generally has a fiberglass rod inserted between the inner sheaths and the exterior jacket. Water is also a factor - fiber buried in areas where moisture is likely to be present (almost all applications) is usually installed with a silicon gel between the interior jackets and the exterior; water otherwise adheres to the exterior of the cladding, and expands due to freezing. This causes fine fractures in the cladding, which makes it more refractive - increasing chromatic dispersion, and therefore a higher db loss on the cable. :) ob crypto/privacy: Anybody have a good idea for detecting a tap on exterior fiber? I'd expect an attacker to have to interupt connectivity, terminate both ends of a break, and insert an active device. Thoughts?
Jim Bell jimbell@pacifier.com
-----BEGIN PGP SIGNED MESSAGE----- In article <Pine.BSF.3.91.960723170725.23791A-100000@mcfeely.bsfs.org>, Rabid Wombat <wombat@mcfeely.bsfs.org> wrote:
ob crypto/privacy: Anybody have a good idea for detecting a tap on exterior fiber? I'd expect an attacker to have to interupt connectivity, terminate both ends of a break, and insert an active device. Thoughts?
As has been mentioned earlier, all an attacker has to do is encourage some of the light to exit the fiber, by bending it, contacting it with a detector, etc. If the detector is sensitive enough, the loss induced by this is minimal. This sort of tapping is exactly the sort of thing quantum cryptography is supposed to prevent, or at least identify. Nothing short of quantum methods is going to spot the tap, unless you happen to come across the tap by inspecting the entire length of the fiber. - -- Alan Bostick | [Spielberg's] latest is TWISTER, a film that mailto:abostick@netcom.com | gives whole new meaning to the phrase "giant news:alt.grelb | sucking sound." -- Patrick Taggart http://www.alumni.caltech.edu/~abostick -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQB1AwUBMffDPeVevBgtmhnpAQHftwL9HTNe4VUHlpRkOAYW1nKFwyw3cqkM+xXt +zXOHuR52ffP1M2IZwTnPpBrBaXlCa6W+3uahnczVdJmAR/0MF5ksnh6bpjd+9IP KmqnBG52X8f+HazUEygNJkRD1oVGlMTH =FHZ5 -----END PGP SIGNATURE-----
Greetings, There are other ways of detecting the application of the tap, but at this time, the chance of detecting the existance of the tap is reallistically pretty slim. If the fiber is enclosed in a pressurised conduit, then a drop in the conduit pressure indicates that someone MAY be trying to gain access to the fiber. While a pressurized glove-box around the conduit may allow a break in the conduit to be made without detection, varying the pressure in the conduit makes that a lot more difficult. It all depends on what the value is of the data you are trying to protect/access. -=Chris On Thu, 25 Jul 1996 11:52:12 -0700, the sage abostick@netcom.com (Alan Bostick) scribed:
-----BEGIN PGP SIGNED MESSAGE-----
In article <Pine.BSF.3.91.960723170725.23791A-100000@mcfeely.bsfs.org>, Rabid Wombat <wombat@mcfeely.bsfs.org> wrote:
ob crypto/privacy: Anybody have a good idea for detecting a tap on exterior fiber? I'd expect an attacker to have to interupt connectivity, terminate both ends of a break, and insert an active device. Thoughts?
As has been mentioned earlier, all an attacker has to do is encourage some of the light to exit the fiber, by bending it, contacting it with a detector, etc.
If the detector is sensitive enough, the loss induced by this is minimal.
This sort of tapping is exactly the sort of thing quantum cryptography is supposed to prevent, or at least identify. Nothing short of quantum methods is going to spot the tap, unless you happen to come across the tap by inspecting the entire length of the fiber.
- -- Alan Bostick | [Spielberg's] latest is TWISTER, a film that mailto:abostick@netcom.com | gives whole new meaning to the phrase "giant news:alt.grelb | sucking sound." -- Patrick Taggart http://www.alumni.caltech.edu/~abostick
-----BEGIN PGP SIGNATURE----- Version: 2.6.2
iQB1AwUBMffDPeVevBgtmhnpAQHftwL9HTNe4VUHlpRkOAYW1nKFwyw3cqkM+xXt +zXOHuR52ffP1M2IZwTnPpBrBaXlCa6W+3uahnczVdJmAR/0MF5ksnh6bpjd+9IP KmqnBG52X8f+HazUEygNJkRD1oVGlMTH =FHZ5 -----END PGP SIGNATURE-----
-- ( ( | ( Chris Liljenstolpe <Chris.Liljenstolpe@ssds.com> ) ) (| ), inc. SSDS, Inc; 8400 Normandale Lake Blvd.; Suite 993 business driven Bloomington, MN 55437; technology solutions TEL 612.921.2392 FAX 612.921.2395 Fram Fram Free! PGP Key 1024/E8546BD5 FE 43 BD A6 3C 13 6C DB 89 B3 E4 A1 BF 6D 2A A9
participants (4)
-
abostick@netcom.com -
chris.liljenstolpe@SSDS.com -
jim bell -
Rabid Wombat