TEMPEST Attack
What is TEMPEST Attack?
TEMPEST AttackRecovery of secret information by capturing unintended electromagnetic, acoustic, or optical emanations from electronic equipment.
TEMPEST is an NSA codename and a family of side-channel attacks that recover sensitive information from compromising emanations leaking from monitors, keyboards, cables, power lines, and cryptographic devices. The classic case is van Eck phreaking, demonstrated in 1985, in which the electromagnetic emanations of a CRT or LCD display can be reconstructed at a distance to reveal the screen image. Modern variants extract AES and RSA keys from smartphones via electromagnetic probes, smartwatches, or even acoustic noise from CPUs. Mitigations are codified in standards such as NSTISSAM TEMPEST/1-92: shielded equipment and rooms (zoning), filtered power, separation distances, signal randomization, and constant-time implementations.
● Examples
- 01
Reconstructing the contents of a remote LCD by capturing its HDMI cable emanations.
- 02
Extracting an RSA private key by measuring CPU electromagnetic leakage during signing.
● Frequently asked questions
What is TEMPEST Attack?
Recovery of secret information by capturing unintended electromagnetic, acoustic, or optical emanations from electronic equipment. It belongs to the Cryptography category of cybersecurity.
What does TEMPEST Attack mean?
Recovery of secret information by capturing unintended electromagnetic, acoustic, or optical emanations from electronic equipment.
How does TEMPEST Attack work?
TEMPEST is an NSA codename and a family of side-channel attacks that recover sensitive information from compromising emanations leaking from monitors, keyboards, cables, power lines, and cryptographic devices. The classic case is van Eck phreaking, demonstrated in 1985, in which the electromagnetic emanations of a CRT or LCD display can be reconstructed at a distance to reveal the screen image. Modern variants extract AES and RSA keys from smartphones via electromagnetic probes, smartwatches, or even acoustic noise from CPUs. Mitigations are codified in standards such as NSTISSAM TEMPEST/1-92: shielded equipment and rooms (zoning), filtered power, separation distances, signal randomization, and constant-time implementations.
How do you defend against TEMPEST Attack?
Defences for TEMPEST Attack typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for TEMPEST Attack?
Common alternative names include: Van Eck phreaking, Compromising emanations.
● Related terms
- cryptography№ 848
Power Analysis Attack
A side-channel attack that recovers secret keys by measuring fluctuations in the power consumption of a cryptographic device during operations.
- cryptography№ 445
Glitch Attack
A fault-injection technique that briefly perturbs voltage or clock signals to make a chip skip instructions or leak cryptographic secrets.
- cryptography№ 929
RFID Cloning
Copying the identifier or cryptographic data of an RFID tag, such as HID Prox or MIFARE Classic, onto another device to impersonate the original badge.
- cryptography№ 727
NFC Relay Attack
A real-time man-in-the-middle attack that tunnels NFC traffic between a victim's card and a remote reader so the attacker can use the card from a distance.
- vulnerabilities№ 1038
Side-Channel Attack
An attack that recovers secrets from a system by observing physical or implementation characteristics — timing, power, electromagnetic emissions, caches, acoustic signals — rather than logical flaws.