Echo TEMPEST: EM Information Leakage Induced by IEMI for Electronic Devices

Abstract

Electromagnetic (EM) information leakage encourages attacks, wherein the attackers passively capture and analyze EM waves that are unintentionally generated by devices. Generally, devices with weak EM emission intensities are not targeted. However, even these devices would be subject to attacks if it becomes possible to actively sense the electrical changes that occur within them when information is processed. This article demonstrates the feasibility of the information leakage threat induced by the active sensing of input impedance changes in the input/output (I/O) circuit of an integrated circuit (IC). Specifically, the changes in the input impedance when information was transmitted from the IC, were measured by irradiating the EM waves from outside the target device. This article labels the threat as Echo TEMPEST. The experiment validated Echo TEMPEST with an evaluation board that simulated the I/O circuit of the IC, UART modules, and USB keyboards. It was also demonstrated that attackers could control the distance (obtained information from the target device), depending on the intensity of the irradiated EM waves. Furthermore, we discussed countermeasure methods focusing on the conditions for executing Echo TEMPEST.