A few days ago I read of another attempt at recognizing key presses by analyzing noise generated by the computer on the power line. That's another one to add to the list of so called TEMPEST attacks - ways to gather information via side channels without having physical access to the computer itself, for example via stray radio-frequency transmissions or signals leaking to power and other lines connected to the machine.
The general consensus seems to be that the best way to prevent any secrets from leaking out of your datacenter through power lines is to have a motor-generator set between your private and public power grids (basically you have a large electric motor on the public side powering a generator that powers the private side). The idea is that since power is transmitted via a mechanical shaft any electrical signals present on the private side would be lost.
Why exactly is that so? A motor turning a generator is a dynamic system just like an electronic filter (or the suspension system of your car for that matter). The basic mathematics that comes from system theory doesn't change with the implementation (whether it's electrical, mechanical or something more exotic). The only thing that matters in the end is the transfer function between the input signal on the private side and the output signal on the public side.
Let's look at the simplest example: a DC motor connected to a voltage source that is powering a DC generator via a heavy shaft. The input signal, that is emissions on the private side, is modeled by the alternating component of the source voltage ui and the output signal on the public side is the generator's open-circuit voltage uo. This model is a bit different from reality where the source of the signal is on the generator side, but this way it's easier to understand and the conclusions hold for the other case as well.
Since there's no load in the generator, its torque on the shaft is 0 and the output voltage has a nice linear relationship with the angular velocity ωm of the shaft (in the ideal case):
u_o = k_g \omega_m
On the other side of the shaft, the electric motor provides again a linear relationship between its driving voltage, the torque M exerted on the shaft and the angular velocity of the shaft:
M = k_u u_i - k_\omega \omega_m
Plug this relationship into the rotational version of Newton's second law, and you get the following linear differential equation for angular velocity:
M = \alpha J
\dot{\omega}_m J + \omega_m k_\omega = k_u u_i
Where J is the total moment of inertia for the rotating part of the machine (shaft and rotors of motor and generator). Now do a Fourier transform:
(j\omega) \Omega_m J + \Omega_m k_\omega = k_u U_i
\Omega_m = U_i \frac{k_u}{k_\omega} \frac{1}{j \omega \frac{J}{k_\omega} + 1}
Add the simple linear relation for Uo and you get the final, idealized transfer function:
U_o = U_i \frac{k_g k_u}{k_\omega} \frac{1}{j \omega \frac{J}{k_\omega} + 1}
If you ignore the constants in that equation, you can see that this is an ordinary transfer function for a first order low-pass filter. It has a single pole (at J/kω), which means that the attenuation of the filter falls by 20 decibels each frequency decade.
This is a frequency characteristic you might get for example for a simple RC or LR filter. So why go through all the difficulties of having to maintain a mechanical machine in your basement?
The answer is clear when you consider that the cut-off frequency for such a mechanical beast can easily be in the order of millihertz (think about how long it can take for a large motor to ramp up). Add a flywheel to the shaft (increasing J) and you can push it down for another few of orders of magnitude. Useful signals you might want to eavesdrop start beyond the kilohertz range, so you're seeing at least 120 dB of attenuation - well beyond any chance of recovering the already weak original signal from thermal noise.
To make an electronic filter with this performance you would need some pretty large coils and capacitors. And also keep in mind that a large amount of DC power needs to pass through the filter with a little loss as possible, which makes any kind of an active filter a big problem. There are no op-amps that will power a datacenter from their outputs.
An additional problem with electronic filters in this role is also that when you're talking about this level of attenuation, it's hard to get it right. Large coils get problematic because of stray capacitances between the windings and so on. Large physical separation between the private and public sides is just about the only thing that reliably reduces cross-talk.
A mechanical system doesn't have these hard-to-predict channels and a rotating shaft provides a convenient way to separate electric parts as much as required.
Syndicate this site:
