Idea: Simplified TEMPEST-shielded unit (speculative proposal)

Sun Dec 14 20:33:28 PST 2003

TEMPEST shielding is fairly esoteric (at least for non-EM-specialists)
field. But potentially could be made easier by simplifying the problem.

If we won't want to shield the user interface (eg. we want just a
cryptographic processor), we may put the device into a solid metal case
without holes, battery-powered, with the seams in the case covered with
eg. adhesive copper tape. The input and output can be mediated by fibers,
whose ports can be the only holes, fraction of millimeter in diameter,
carefully shielded, in the otherwise seamless well-grounded box. There are
potential cooling problems, as there are no ventilation holes in the
enclosure; this can be alleviated by using one side of the box as a large
passive cooler, eventually with an externally mounted fan with separate
power supply. If magnetic shielding is required as well, the box could be
made of permalloy or other material with similar magnetic properties.

I am not sure how to shield a display. Maybe taking an LCD, bolting it on
the shielded box, and cover it with a fine wire mesh and possibly
metalized glass? Using LCD with high response time of the individual
pixels also dramatically reduces the value of eventual optical emissions.

I also have doubts about the keyboard. Several ideas that could help: We
may use optical scanning of the key matrix, with the light fed into and
read from the matrix by optical fibers, coming out from a well-shielded
enclosure, similar to the I/O lines of the first example. We may use a
"normal" keyboard, but modified to use reliably random scanning pattern;
that won't reduce the EM emissions of the keyboard, but effectively
encrypts them, dramatically reducing their intelligence value. It's then
necessary to take precautions about the data cable between the keyboard
itself and the computer, where the data go through in plaintext; it's
possible to encrypt it, or to use a fiber.

As really good shielding of complicated cases is difficult to achieve, the
primary objective of this approach is to put everything into simple
metallic boxes with as few and as small ports as possible, which should be
comparatively easy to manufacture, replacing the special contacting of
removable panels with disposable adhesive copper tape (the only reason to
go inside is replacing batteries, and the tape together with other
measures may serve as tamperproofing), and replacement of all potentially
radiating external data connections with fiber optic.

I should disclaim I have nothing that could vaguely resemble any deeper
knowledge of high frequencies; therefore I lay out the idea here and
wonder if anyone can see holes in it (and where they are).