Paper 2021/1064

Glowworm Attack: Optical TEMPEST Sound Recovery via a Device’s Power Indicator LED

Ben Nassi, Yaron Pirutin, Tomer Cohen Galor, Yuval Elovici, and Boris Zadov

Abstract

Two main classes of optical TEMPEST attacks against the confidentiality of information processed/delivered by devices have been demonstrated in the past two decades; the first class includes methods for recovering content from monitors, and the second class includes methods for recovering keystrokes from physical and virtual keyboards. In this paper, we identify a new class of optical TEMPEST attacks: recovering sound by analyzing optical emanations from a device’s power indicator LED. We analyze the response of the power indicator LED of various devices to sound and show that there is an optical correlation between the sound that is played by connected speakers and the intensity of their power indicator LED due to the facts that: (1) the power indicator LED of various devices is connected directly to the power line, (2) the intensity of a device’s power indicator LED is correlative to the power consumption, and (3) many devices lack a dedicated means of countering this phenomenon. Based on our findings, we present the Glowworm attack, an optical TEMPEST attack that can be used by eavesdroppers to recover sound by analyzing optical measurements obtained via an electro-optical sensor directed at the power indicator LED of various devices (e.g., speakers, USB hub splitters, and microcontrollers). We propose an optical-audio transformation (OAT) to recover sound in which we isolate the speech from optical measurements obtained by directing an electro-optical sensor at a device’s power indicator LED Finally, we test the performance of the Glowworm attack in various experimental setups and show that an eavesdropper can apply the attack to recover speech from speakers’ power LED indicator with good intelligibility from a distance of 15 meters and with fair intelligibility from 35 meters.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint. MINOR revision.
Keywords
TEMPEST attacksprivacyside-channel attackeavesdroppingsound recovery.
Contact author(s)
nassiben5 @ gmail com
History
2021-08-23: received
Short URL
https://ia.cr/2021/1064
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/1064,
      author = {Ben Nassi and Yaron Pirutin and Tomer Cohen Galor and Yuval Elovici and Boris Zadov},
      title = {Glowworm Attack: Optical TEMPEST Sound Recovery via a Device’s Power Indicator LED},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1064},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/1064}},
      url = {https://eprint.iacr.org/2021/1064}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.