Assessing the Security of TEMPEST Fonts Against Electromagnetic Eavesdropping by Using Different Specialized Receivers

applied sciences

Article Assessing the Security of TEMPEST Fonts against Electromagnetic Eavesdropping by Using Diﬀerent Specialized Receivers

Ireneusz Kubiak 1,* , Alexandru Boitan 2 and Simona Halunga 3 1 Electromagnetic Compatibility Department, Military Communication Institute, Zegrze Poludniowe 05-130, Poland 2 Special Telecommunications Services, SplaiulIndependent, ei St., Bucharest 060044, Romania; [email protected] 3 Telecommunications Department, University Politehnica of Bucharest, Bucharest 060042, Romania; [email protected] * Correspondence: [email protected]

Received: 2 April 2020; Accepted: 15 April 2020; Published: 19 April 2020

Abstract: The main topic of the present paper is the printed text protection against electromagnetic infiltration. There are many solutions to protect such data. One of these methods is the one that uses computer fonts that are characterized by special shapes. The suitability of the solution has to be confirmed by many tests and analyses. An important element of such researches is the class of receiving devices used. In the case of measurements of the valuable emissions arising from electronic data processing of the printed text, typical receivers that are used for measurements of electromagnetic compatibility cannot be used. They have to be dedicated devices for measuring the very low level of signal that arises unintentionally. The sensitivity of the receiver must be very high in wide measuring bands. In addition, in order to assess the method of preventing electromagnetic infiltration, it is important to verify it by independent institutions. An additional advantage is the use of different receivers in the assessment process. This paper presents the results of studies made regarding the suitability of two sets of fonts with special shapes (secure symmetrical and secure asymmetrical) in secure information processing. The analysis of the fonts was based on visual examination, a basic method of preliminary assessment of electromagnetic emissions correlated with processed text information, of the images reproduced from unwanted emissions. The tests were carried out at two independent institutions, Military Communication Institute—Poland, Special Telecommunications Services—Romania, using three different types of receivers: Tempest Test System DSI-1550A, Rohde & Schwarz FSET22 and Rohde & Schwarz FSWT. The images obtained in the two independent laboratories with different setup and test equipment confirmed thus without doubt the possibility of using special fonts as the solution against an effectiveness of electromagnetic infiltration. The above assessment is correct, regardless of the used receiver and the environment of implementation of the secure fonts.

Keywords: electromagnetic eavesdropping; electromagnetic inﬁltration; valuable emission; TEMPEST font; electromagnetic propagation; electromagnetic devices; electromagnetic measurements; software protection; information security; computers and information processing

1. Introduction Information protection is an important element of human life, from both a private and a professional standpoint. To protect information that is electronically stored or processed, various methods are used, based on solutions that are not always accepted by all users. Those processes can be a source of

Appl. Sci. 2020, 10, 2828; doi:10.3390/app10082828 www.mdpi.com/journal/applsci Appl. Sci. 2020, 10, 2828 2 of 18 electromagnetic emissions correlated with the processed information, which become fully useful in the electromagnetic infiltration process. In the TEMPEST evaluation process, all digital signals transferred from the communication ports of the tested equipment are considered to be compromising signals, such as PS/2 port connector [1], USB (Universal Serial Bus ports or peripherals) [2,3], RJ45 modular connector [4], video signals from VGA (Video Graphics Array), DVI (Digital Visual Interface), HDMI (High-Definition Multimedia Interface) and other display ports [5–7] or RS232 serial port [8]. Output devices such as printers [9–12] and video projectors [13] are also being investigated. The video display signal is considered to be the most unsafe in terms of vulnerability to electromagnetic intrusion attacks from all compromising signals that can be emittedAppl. Sci. 2020 by, 10 a, x personal FOR PEER REVIEW computer. This is also recognized by the TEMPEST2 proceduresof 19 [14], which assignbe to a source this type of electromagnetic of signal theemissions most correlat restrictiveed with correspondingthe processed information, category which as become a compromising signal. The successivefully useful in videothe electromagnetic frames are infiltration similar process. to each other and, for this reason, the video signal has the attributesIn ofthe aTEMPEST repetitive evaluation signal, process, which all digital means signals that transferred it is almost from the periodic communication [15]. ports This feature can of the tested equipment are considered to be compromising signals, such as PS/2 port connector [1], allow a potentialUSB (Universal attacker Serial to apply Bus ports the or mediationperipherals) [2,3], processes RJ45 modular that connector highlight [4], video the videosignals from signal, reducing the effect of ambientVGA (Video noise Graphics in this Array), way. DVI (Digital Visual Interface), HDMI (High-Definition Multimedia The effectivenessInterface) andof other the display electromagnetic ports [5–7] or RS232 infiltration serial port [8]. can Output be limited devices such in as several printers ways:[9– limiting 12] and video projectors [13] are also being investigated. The video display signal is considered to be levels of electromagneticthe most unsafe in terms emissions of vulnerability correlated to electromagnetic (having intrusion distinctive attacks from features) all compromising with processed information [signals14–17 that], a disturbancecan be emitted by of existinga personal revealingcomputer. This emissions is also recognized [18,19] orby the appropriate TEMPEST shaping of the emissionprocedures source to [14], eliminate which assign features to this thattype of enable signal the identification most restrictive e.g.,corresponding of text datacategory characters as a [20–22]. compromising signal. The successive video frames are similar to each other and, for this reason, the TEMPESTvideo protection signal has the countermeasuresattributes of a repetitive nowsignal, involvewhich means hardware that it is almost modification periodic [15]. This of Information Technology andfeature Communications can allow a potential attacker (IT&C) to apply equipment the mediation by processes applying that highlight shielding the video measures signal, (shielded housings andreducing shielding the effect window), of ambient powernoise in this and way. signal filtering, or modifying printed circuit boards The effectiveness of the electromagnetic infiltration can be limited in several ways: limiting in order to minimizelevels of electromagnetic the total amount emissions of correlated the equipment (having distinctive electromagnetic features) with radiation processed and not only those containinginformation information [14–17], a (compromisingdisturbance of existing emanation). revealing emissions This [18,19] is reflected or appropriate in the shaping cost of of the shielded the emission source to eliminate features that enable identification e.g., of text data characters [20– equipment, which is often 5–8 times higher than the modified commercial equipment. It is true that the 22]. security of sensitiveTEMPEST information protection is countermeasures related to national now involve security hardware issues modification and must of be Information applied regardless of the costs involved,Technology but and maintaining Communications the level(IT&C) of equipmen securityt by of applying this information shielding measures with reducing(shielded costs is the housings and shielding window), power and signal filtering, or modifying printed circuit boards in target of the TEMPESTorder to minimize protection the total measures,amount of the which equipm isent specified electromagnetic by o ffiradiationcial documents and not only asthose the “protection zone model”.containing information (compromising emanation). This is reflected in the cost of the shielded The disturbanceequipment, which of existing is often 5–8 revealing times higher emissions than the modified does commercial not lower equipment. the levels It is true ofthese that emissions. the security of sensitive information is related to national security issues and must be applied It introducesregardless additional of the sources costs involved, of electromagnetic but maintaining disturbances, the level of security some of ofthis which information can reachwith significant levels. This solutionreducing costs is not is the recommended, target of the TEMPEST due to prot theection deliberate measures, introduction which is specified of additionalby official sources of electromagneticdocuments emissions as the “protection into the environment.zone model”. The disturbance of existing revealing emissions does not lower the levels of these emissions. It Shapingintroduces the sources additional of sources such of emissions electromagnetic is disturbances, another method some of which that can limits reach significant the effectiveness of electromagneticlevels. infiltration. This solution is This not recommended, is achieved due by to changing the deliberate the introduction colors of of theadditional text andsources the of background. An appropriateelectromagnetic selection emissions of color into pairs the environment. may reduce the effectiveness of the source of unwanted Shaping the sources of such emissions is another method that limits the effectiveness of emissions [15electromagnetic,16]. However, infiltration. this This method is achieved is not by changing universal the colors from of the the text point and ofthe viewbackground. of application in video standards.An appropriate A certain selection properly of color selected pairs may text reduce and the background effectiveness colorof the pairssource canof unwanted be effective for the analogue VGAemissions standard, [15,16]. but, However, in the this case method of the is not digital universal DVI from (HDMI) the point standard, of view of application the efficiency in of a color video standards. A certain properly selected text and background color pairs can be effective for the pair may notanalogue be so obvious VGA standard, [16]. but, in the case of the digital DVI (HDMI) standard, the efficiency of a color There ispair a newmay not proposed be so obvious method [16]. based on computer fonts with specially designed shapes (Figure1). Font charactersThere is a new shape proposed the method electrical based signalon computer of each fonts video with specially standard, designed which shapes is a potential (Figure 1). Font characters shape the electrical signal of each video standard, which is a potential source of emission.source of emission.

(a)

Figure 1. Cont. Appl. Sci. 2020, 10, 2828 3 of 18 Appl. Sci. 2020, 10, x FOR PEER REVIEW 3 of 19

. (b)

Figure 1. Characters of secure fonts: (a) secure symmetrical, (b) secure asymmetrical. Figure 1. Characters of secure fonts: (a) secure symmetrical, (b) secure asymmetrical. Fonts do not reduce electromagnetic emissions. However, font character shapes without Fonts docharacteristic not reduce elements electromagnetic create a high level of emissions. similarity of the However, revealing emissions font characterin the time domain. shapes without characteristicBy elements using these create special a fonts, high a levelpotential of attacker similarity will manage of the to revealing restore the emissionsimage by receiving in the the time domain. compromised emanation (CE) generated by the IT&C equipment, but will not be able to extract By using theseinformation special from fonts, the arestored potential image attackerwhich represents will managethe target of to the restore TEMPEST the domain. image by receiving the compromised emanationAnother important (CE) generatedissue is the practical by the advantages IT&C equipment,of the method. This but assessment will not is becarried able to extract information fromout using the a restored special receiver image dedicated which to represents the measurement the targetof electromagneti of the TEMPESTc revealing emissions. domain. The level of these electromagnetic emissions is very low, and the bandwidth of the signals, especially Anotherdigital important ones, is very issue wide. is theTherefore, practical the sensitivity advantages of the measuring of the method.receiver must This be very assessment high, and is carried out using a specialthe available receiver measurement dedicated bands very tothe wide, measurement up to 500 MHz [23–25]. of electromagnetic The second method of revealing verifying emissions. The level of thesethe graphic electromagnetic sources of revealing emissions emissions is is visual very analysis. low, and This the anal bandwidthysis is based on of graphic the signals, images especially that are obtained as a result of the rasterization process of recorded revealing emissions. digital ones, is veryThe authors wide. are Therefore, analysing the the possibility sensitivity of data recovery of the measuringprocessed by electronic receiver devices must by bea very high, and the availablepossible measurement intruder that does bands not have very access wide,to the location up to in 500which MHz the equipment [23–25 is]. placed, The just second from method of verifying the graphicspurious electromagnetic sources of revealing emissions.emissions Usually such is locations visual are analysis. secured ones, This placed analysis under is guard, based on graphic and, if such an intruder appears, they cannot have bulky equipment and suspicious behaviour. They images that arecannot obtained carry a ascomputer a result or laptop of the and rasterization wait there while process it still performs of recorded numerical revealing algorithms emissions. to The authorsidentify are the analysingdata from electromagnetic the possibility emissions. of That data is why recovery the visual method processed is used, by and, electronic as with devices by a possibleany intruder method based that on does human not perception, have access quantitati tove the numerical location indicators in which do not theapply. equipment However, is placed, many test subjects have been used, and the conclusions regarding the degree of similarity between just from spuriousdifferent electromagnetic letters and numbers emissions.written with the Usually secure symmetrical such locations and secure are asymmetrical secured ones,fonts are placed under guard, and, ifpresented such an in intruder section 4 appears,[20]. It has theybeen proven cannot that have the results bulky obtained equipment based on and visual suspicious method behaviour. They cannot carrycorrespond a computer to the ones or that laptop used numerical and wait algorithms there while for similarity it still performsassessment and numerical character algorithms recognition algorithms. Moreover, the visual method is widely used in such applications and also to identify theimposed data by from military electromagnetic standards, being the emissions. first step of the That TEMPEST is why measurement the visual procedures method for the is used, and, as with any methodvideo display based signal. on human perception, quantitative numerical indicators do not apply. However, many testThe practical subjects advantages have been of the used, new computer and the fonts conclusions in terms of electromagnetic regarding the protection degree of of similarity processed text data were carried out by two independent institutions—Military Communication between differentInstitute letters (MCI) andand Special numbers Teleco writtenmmunications with Services the secure (STS)—with symmetrical extensive experience and secure in the asymmetrical fonts are presentedstudy and in classification section 4 of [ 20electromagnetic]. It has been emissions. proven This thatallowed the for results a reliable obtained evaluation of based the on visual method correspondfonts and to independent the ones method that used verification. numerical algorithms for similarity assessment and character recognition algorithms.2. Methods Moreover, the visual method is widely used in such applications and also imposed by militaryThe verification standards, of beingthe new the set first of fonts step base ofd the on TEMPESTvisual analysis measurement was carried out procedures in two for the video displaymeasurement signal. environments: an anechoic chamber of the laboratory of the MCI and an anechoic The practicalchamber advantages of STS. Each laboratory of the new uses a computer different measuring fonts inreceiver, terms which ofelectromagnetic was the purpose of the protection of evaluation of new fonts in the secure processing of text information. processed text dataThe TEMPEST were carried measurement out by procedures two independent involve two successive institutions—Military steps: the first proves Communication the Institute (MCI)existence and Special of the CE Telecommunications on a certain frequency (the Services image recovery (STS)—with when considering extensive the video experience signal as in the study and classificationCE) and of the electromagnetic second is the evaluation emissions. of the CE This level. allowedThe level of for the aemanation reliable is evaluationcompared with of the the fonts and limits stipulated by the TEMPEST procedures for the classification of the equipment in a certain risk independent method verification.

2. Methods The verification of the new set of fonts based on visual analysis was carried out in two measurement environments: an anechoic chamber of the laboratory of the MCI and an anechoic chamber of STS. Each laboratory uses a different measuring receiver, which was the purpose of the evaluation of new fonts in the secure processing of text information. The TEMPEST measurement procedures involve two successive steps: the first proves the existence of the CE on a certain frequency (the image recovery when considering the video signal as CE) and the second is the evaluation of the CE level. The level of the emanation is compared with the limits stipulated by the TEMPEST procedures for the classification of the equipment in a certain risk category Appl. Sci. 2020, 10, 2828 4 of 18 for information security. Therefore, the possibility of image recovery does not automatically mean that equipment underAppl. Sci. test2020, 10 (EUT), x FOR PEER fails REVIEW the test. 4 of 19

category for information security. Therefore, the possibility of image recovery does not automatically 2.1. Military Communicationmean that equipment Institute under test (EUT) fails the test.

The tests2.1. were Military carried Communication out inside Institute an anechoic chamber of electromagnetic compatibility laboratory of MCI (Figure2).The A tests Tempest were carried Test System out inside DSI an 1550A anecho receiveric chamber and of electromagnetic a special set compatibility of antennas were used for these tests.laboratory The secureof MCI (Figure fonts 2). were A Tempest installed Test Syst onem aDSI typical 1550A receiver desktop and a computer special set of antennas with a 24” monitor (1024 768, 60were Hz). used Thefor these monitor tests. The was secure connected fonts were installed to the mainon a typical unit desktop of the computer computer with by a 24” DVI and VGA × monitor (1024 × 768, 60 Hz). The monitor was connected to the main unit of the computer by DVI and standard interfaces.VGA standard The sizesinterfaces. of fontsThe sizes were of fonts equal were to 36equal points to 36 points and 24and points. 24 points. The The distance distance between the antenna andbetween the monitor the antenna was and equal the monitor to 1 mwas (the equal distance to 1 m (the accordingdistance according to the to the MIL-STD-461E MIL-STD-461E (F and G)). An electromagnetic(F and G)). emission An electromagnetic was measured emission was on measured a frequency on a frequency of 860 MHzof 860 MHz (BW (BW= 50 = 50 MHz) MHz) [26]. [26].

FigureFigure 2. Communication 2. Communication Institute Institute test bed. test bed. 2.2. Special Telecommunications Services 2.2. Special Telecommunications Services The measurements were performed in a TEMPEST laboratory consisting of two shielded The measurementsenclosures that were have performeda common wall, in aas TEMPEST illustrated in laboratory Figure 3. One consisting of the enclosures of two is shieldeda semi- enclosures that have a commonanechoic chamber wall, as(there illustrated is no radio inabsorbent Figure materi3. Oneal on of the the floor) enclosures and is actually is the a semi-anechoic testing room. chamber The equipment is positioned in accordance to the American EMC standard, MIL-STD-461E. This (there is no radiostandard absorbent has many similari materialties, but on also the some floor) differences and is with actually the test theconfiguration testing specified room. Theby the equipment is positioned inTEMPEST accordance procedures, to the but American in the end it EMC has the standard, closest configuration MIL-STD-461E. of all EMC This standards. standard As has many similarities, butTEMPEST also some procedures differences are classified, with theinformation test configuration cannot be disclosed, specified so we by will the consider TEMPEST the procedures, configuration of this EMC standard as a reference. but in the end it has the closest configuration of all EMC standards. As TEMPEST procedures are classified, information cannot be disclosed, so we will consider the configuration of this EMC standard as a reference. Appl. Sci. 2020, 10, 2828 5 of 18

Appl. Sci. 2020, 10, x FOR PEER REVIEW 5 of 19

FigureFigure 3. Telecommunications 3. Telecommunications Services Services test bed. test bed. The tests were performed with a Fujitsu Siemens laptop, Lifebook C110. The chosen equipment The testsiswere an older performed generation laptop with aand Fujitsu was used Siemens with the laptop,220V mains Lifebook power supply C110. unit. The The chosen laptop’s equipment is an older generationelectric charger laptop is usually and was an electromagnetic used with the noise 220V generator mains that power makes the supply process unit. of video The image laptop’s electric recovery more difficult to fulfill. Very often, the emissions of these electric chargers are in the charger is usuallyfrequency an electromagneticrange of up to about noise 500 MHz. generator For this thatreason makes we selected the processa much higher of video recovery image recovery more difficultfrequency, to fulfill. respectively Very often, 910 MHz. the emissions of these electric chargers are in the frequency range of up to about 500It does MHz. not matter For this which reason EUT iswe chosen selected for testin ag, much but to higherdo comparative recovery tests, frequency,we also used, respectively besides the analyzed fonts, 2 other common fonts, namely Times New Roman and Arial. 910 MHz. It should be mentioned that, after establishing the reception and the video recovery parameters, It does notonly matterthe images which displayed EUT by the is chosenEUT have for been testing, modified, but while to all do the comparative reception parameters tests, and we also used, besides the analyzedthe analysis fonts, of the compromising 2 other common signal remained fonts, namely unchanged Times until the New end Romanof the tests and performed. Arial. We used a Rohde & Schwarz (R&S) FSET 22 test receiver and specialized TEMPEST analysis software. It shouldUnfortunately, be mentioned we had that, to crop after from establishing the analyzed theimages reception the information and thethat videoincludes recovery the video parameters, only the imagesrecovery displayed parameters, by because the EUT it re havepresents been sensitive modified, information while that allwe are the not reception allowed to parameterspublish. and the analysis of theThe compromising test receiver parameters signal are: remained10 MHz Resolution unchanged Bandwidth until (RBW), the 50 end ms sweep of the time, tests SPAN performed. 0 We working mode, and narrow filter pre-selector, and internal preamp amplification was 10 dB. The used a Rohdedisplay & Schwarz resolution (R&S)of the EUT FSET is 1024 22 × 768 test with receiver the refresh and rate specializedof 60 Hz. Thus, all TEMPEST the time parameters analysis software. Unfortunately,of the we displayed had to video crop signal from can thebe found analyzed in the VESA images Coordinated the informationVideo Timings (CVT) that Standard, includes the video recovery parameters,version 1.2 (February because 2013): it represents vertical refresh sensitive of approximately information 48.363 thatkHz (most we are important), not allowed pixel to publish. frequency of 65.0 MHz, front and back porches (horizontally and vertically), the whole line and whole The test receiverframe parameters duration. are: 10 MHz Resolution Bandwidth (RBW), 50 ms sweep time, SPAN 0 working mode, andAnother narrow interesting filter discussion pre-selector, would and be the internal size of the preamp font that would amplification be most suitable was 10for use dB. The display resolution ofin the ourEUT tests. Usually is 1024 documents768 with are edited the with refresh size 12, rate while of PowerPoint 60 Hz. Thus, presentations all the use time size 28 parameters of or even larger to be visible× to all participants. So, we used the following dimensions: 36, 28, 24, 20, 18, the displayed14 videoand 12. signal can be found in the VESA Coordinated Video Timings (CVT) Standard, version 1.2 (February 2013): vertical refresh of approximately 48.363 kHz (most important), pixel frequency of 65.03. Results MHz, front and back porches (horizontally and vertically), the whole line and whole frame duration.3.1. Military Communication Institute Another interestingThe tests were discussion carried out would for different be the sizes size of font of thecharacters. font that For the would tests, besides be most the suitablesecure for use in our tests. Usuallyfonts, traditional documents fonts areArialedited and Times with New size Roman, 12, were while used, PowerPoint such that one presentationscould observe more use size 28 or even larger toeasily be visible the differences to all between participants. secure fonts So, and we tradit usedional the fonts following in the protection dimensions: of text information 36, 28, 24, 20, 18, 14 against electromagnetic eavesdropping. and 12. Additionally visual analyses and correlation analyses were carried out for each secure font. The analyses were based on values of character error rate (CER) [20]. 3. Results

3.1. Military Communication Institute The tests were carried out for diﬀerent sizes of font characters. For the tests, besides the secure fonts, traditional fonts Arial and Times New Roman, were used, such that one could observe more easily the diﬀerences between secure fonts and traditional fonts in the protection of text information against electromagnetic eavesdropping. Additionally visual analyses and correlation analyses were carried out for each secure font. The analyses were based on values of character error rate (CER) [20].

c + k c + (r e) CER = = − (1) g g Appl. Sci. 2020, 10, 2828 6 of 18

where:

r—number of wanted characters in the analyzed image, Appl. Sci. 2020, 10, x FOR PEER REVIEW 6 of 19 c—number of incorrectly recognized characters, e—number of correctly recognized characters,𝑐+𝑘 𝑐+𝑟−𝑒 𝐶𝐸𝑅 = = (1) k—number of unrecognized and wanted characters𝑔 𝑔 (k = r e), − g—the numberwhere: of all characters in the image. r–number of wanted characters in the analyzed image, c–number of incorrectly recognized characters, For secure fonts,e–number this of correctly parameter recognized has characters, high values in contrast to traditional fonts. This made it impossible tok recognize–number of unrecognized each character and wanted of the characters secure (𝑘=𝑟−𝑒 fonts), in reconstructed images. To confirm the results and theg–the e ffinumberciency of all of characters using thein the secure image. fonts for electromagnetic protection of processed For secure fonts, this parameter has high values in contrast to traditional fonts. This made it information againstimpossible electromagnetic to recognize each character penetration, of the secure additional fonts in tests reconstructed were conducted images. To confirm in another the laboratory. The results areresults shown and inthe theefficiency next chapterof using the of secure this paper. fonts for electromagnetic protection of processed During theinformation first stage against of theelectromagnetic tests, selected penetration, characters additional of thetests fonts were wereconducted displayed in another on the monitor. laboratory. The results are shown in the next chapter of this paper. The characters wereDuring separated the first stage by oneof the space tests, selected each (Figure characters4). of Thethe fonts solution were displayed is not typical on the monitor. for the processing of text data. However,The characters we were can separated observe by the one shape space of each each (Figure character 4). The onsolution the outputis not typical of Side for Channelthe Attack (SCA) better.processing For the Arialof text data. and However, Times New we can Roman observe fonts,the shape the of each reading character of theon the characters output of Side is not hard. Channel Attack (SCA) better. For the Arial and Times New Roman fonts, the reading of the characters is not hard.

(a)

(b)

Figure 4. Cont. Appl. Sci. 2020, 10, 2828 7 of 18

Appl. Sci. 2020, 10, x FOR PEER REVIEW 7 of 19

(c)

(d)

Figure 4. ReconstructionFigure 4. Reconstruction of the of displayed the displayed image image based on onsensitive sensitive emissions emissions measurement measurement on on frequency 840 MHz (BW = 50 MHz, the size of characters-36 points): (a) Arial font, (b) Times New frequency 840Roman MHz font, (BW (c) secure= 50 asymmetrical MHz, the font, size (d of) secure characters-36 symmetrical font. points): (a) Arial font, (b) Times New Roman font, (c) secure asymmetrical font, (d) secure symmetrical font. For the special fonts, the situation is totally different. The characters in particular sets (‘a’, ‘c’, ‘e’, For the special‘n’, ‘o’, ‘s’, fonts, ‘u’, ‘z’), the (‘g’, situation ‘y’) and (‘b’, is ‘h’, totally ‘k’) look di ﬀsimilar.erent. We The have characters to remember in that particular the size of the sets (‘a’, ‘c’, ‘e’, characters is 24 points. The observed phenomenon will be more beneficial for smaller sizes of the ‘n’, ‘o’, ‘s’, ‘u’,primary ‘z’), (‘g’,characters. ‘y’) and (‘b’, ‘h’, ‘k’) look similar. We have to remember that the size of the characters is 24 points.In the second The step observed of tests, the phenomenontexts were displayed will on the be monitor. more The beneﬁcial tests included for sequences smaller sizes of the primary characters.of characters (size 20 points) without additional spaces. This situation was shown in Figure 5. For Arial and Times New Roman fonts, each character could be selected. The characters of secure fonts In the secondremain stepillegible. of Only tests, upper the and texts lower were elongations displayed of the oncharacters the monitor. (e.g. ‘b’, ‘d’, The ‘g’, tests‘h’, ‘k’) included could be sequences of characters (sizerecognized. 20 points) without additional spaces. This situation was shown in Figure5. For Arial and Times New Roman fonts, each character could be selected. The characters of secure fonts remain illegible. Only upper and lower elongations of the characters (e.g., ‘b’, ‘d’, ‘g’, ‘h’, ‘k’) could be recognized. Appl. Sci. 2020, 10, 2828 8 of 18

Appl. Sci. 2020, 10, x FOR PEER REVIEW 8 of 19

(a)

(b)

Figure 5. Reconstruction of the displayed image based on sensitive emissions measurement on Figure 5. Reconstruction of the displayed image based on sensitive emissions measurement on frequency 840 MHz (BW = 50 MHz, the size of characters—24 points): (a) from the top—secure frequency 840symmetrical MHz (BW font, =secure50 MHz,asymmetrical the sizefont, Arial of characters—24 font, (b) from the top—secure points): symmetrical (a) from thefont, top—secure symmetricalsecure font, asymmetrical secure asymmetrical font, Times New font, Roman Arial font. font, (b) from the top—secure symmetrical font, secure asymmetrical font, Times New Roman font. 3.2. Special Telecommunications Services 3.2. Special TelecommunicationsIn Figures 6–11 are Services shown the test results in the form of reproduced images from registered revealing emissions. The images contain characters of traditional and secure fonts from 12 points up In Figuresto a6 size–11 of are 36 points. shown The therecording test of results revealin ing emissions the form was of made reproduced using two receivers, images enabling from registered revealing emissions.the measurement The images of very contain weak electromagnetic characters of emissions traditional correlated and securewith data fonts processed from 12 points up electronically. to a size of 36 points.It can Thealso be recording observed ofthat revealing all the characters emissions displayed was are made intelligible using within two receivers,the restored enabling the measurementimages, of very regardless weak of electromagnetic the font size (Figures emissions 6, 7, 10 and correlated 11). We can consider with data that processedthe clarity of the electronically. It can alsorecovered be observed images from that the all compromising the characters radiation displayed corresponding are intelligibleto the Arial font within is slightly the better restored images, than that of the Times New Roman font. We continued with the display of secure asymmetrical and regardless ofsecure the font symmetrical size (Figures fonts, choosing6,7, 10 the and same 11 font). Wesize. canThe image consider recovery that corresponding the clarity to of these the recovered images fromfonts the compromisingcan be seen in Figures radiation 8 and 9. corresponding to the Arial font is slightly better than that of the Times New Roman font. We continued with the display of secure asymmetrical and secure symmetrical fonts, choosing the same font size. The image recovery corresponding to these fonts can be seen in Figures8 and9. Appl. Sci. 2020, 10, 2828 9 of 18

Appl. Sci. 2020, 10, x FOR PEER REVIEW 9 of 19 Appl. Sci. 2020, 10, x FOR PEER REVIEW 9 of 19 Appl. Sci. 2020, 10, x FOR PEER REVIEW 9 of 19

FigureFigure 6.6. ImageImage recoveredrecovered whenwhen ArialArial fontfont waswas displayed—R&Sdisplayed—R&S FSETFSET receiver.receiver. Figure 6. ImageFigure 6. recoveredImage recovered when when Arial Arial font was was displayed—R&S displayed—R&S FSET receiver. FSET receiver.

FigureFigure 7.7. ImageImage recoveredrecovered whenwhen TimesTimes NewNew RomanRoman fontfont waswas displayed—R&Sdisplayed—R&S FSETFSET receiver.receiver. Figure 7. ImageFigure recovered7. Image recovered when when Times Times New New RomanRoman font font was was displayed—R&S displayed—R&S FSET receiver. FSET receiver.

FigureFigure 8.8. ImageImage recoveredrecovered whenwhen securesecure asymmetricalasymmetrical fontfont waswas displayed—R&Sdisplayed—R&S FSETFSET receiver.receiver. Figure 8. Image recovered when secure asymmetrical font was displayed—R&S FSET receiver. FigureAppl. 8. Sci.Image 2020, 10 recovered, x FOR PEER REVIEW when secure asymmetrical font was displayed—R&S FSET10 of receiver. 19

Figure 9. Image recovered when secure symmetrical font was displayed—R&S FSET receiver. Figure 9. Image recovered when secure symmetrical font was displayed—R&S FSET receiver.

Figure 10. Image recovered with Font 28 with blank spaces: secure asymmetrical and secure symmetrical—R&S FSWT receiver.

Figure 11. Image recovered with Times New Roman font—R&S FSWT receiver.

In Figures 10 and 11, we have illustrated the recovery image results obtained by using the FSWT receiver produced by the Rohde&Schwarz Company, which is the latest TEMPEST receiver model released on the market by the German company. This equipment comes with the raster module built in. It is true that, when using the FSET22 receiver, we allocated about 30 minutes to find the optimal video recovery parameters, while when using the FSWT receiver, we solved the same objective with Appl. Sci. 2020, 10, x FOR PEER REVIEW 10 of 19 Appl. Sci. 2020, 10, x FOR PEER REVIEW 10 of 19

Appl. Sci. 2020, 10, 2828 10 of 18

Figure 9. Image recovered when secure symmetrical font was displayed—R&S FSET receiver. Figure 9. Image recovered when secure symmetrical font was displayed—R&S FSET receiver.

Figure 10. Image recovered with Font 28 with blank spaces: secure asymmetrical and secure Figure 10. ImageFigure recovered 10. Image recovered with Fontwith Font 28 28 with with blank blank spaces: spaces: secure asymme securetrical asymmetrical and secure and secure symmetrical—R&S FSWT receiver. symmetrical—R&Ssymmetrical—R&S FSWT receiver. FSWT receiver.

Figure 11. Image recovered with Times New Roman font—R&S FSWT receiver. Figure 11. ImageFigure 11. recovered Image recovered with with Times Times New New Roman Roman font—R&S font—R&S FSWT receiver. FSWT receiver. In Figures 10 and 11, we have illustrated the recovery image results obtained by using the FSWT In Figures 10 and 11, we have illustrated the recovery image results obtained by using the FSWT receiver produced by the Rohde&Schwarz Company, which is the latest TEMPEST receiver model In Figures 10receiver and produced11, we by have the Rohde&Schwarz illustrated theCompany, recovery which is image the latest results TEMPEST obtained receiver model by using the FSWT released on the market by the German company. This equipment comes with the raster module built released on the market by the German company. This equipment comes with the raster module built receiver producedin. It by is true the that, Rohde&Schwarz when using the FSET22 Company,receiver, we allocated which about is 30 the minutes latest to find TEMPEST the optimal receiver model in. It is true that, when using the FSET22 receiver, we allocated about 30 minutes to find the optimal video recovery parameters, while when using the FSWT receiver, we solved the same objective with released on thevideo market recovery by parameters, the German while when company. using the FSWT This receiver, equipment we solved the comes same objective with with the raster module built in. It is true that, when using the FSET22 receiver, we allocated about 30 minutes to find the optimal video recovery parameters, while when using the FSWT receiver, we solved the same objective with five clicks. This is the feature of the German manufacturer, as well as the level of integration for the pre-selection filters. The only difference compared to the first part of the tests performed is that when using the FSWT receiver, we used a gain of 20 dB amplification. However, no significant improvement in theAppl. Sci. quality 2020, 10, x ofFOR thePEER REVIEW recovered image is observed and, thus, we can say11 of 19 that the effects of using TEMPEST fonts are the same, regardless of the reception equipment used in our tests. five clicks. This is the feature of the German manufacturer, as well as the level of integration for the pre-selection filters. The only difference compared to the first part of the tests performed is that when 4. Discussion using the FSWT receiver, we used a gain of 20 dB amplification. However, no significant improvement in the quality of the recovered image is observed and, thus, we can say that the effects In the equipmentof using TEMPEST TEMPEST fonts are evaluation, the same, regardless mainly of the upper reception case equipment letters used are in our used, tests. because it facilitates the video recovery process, which represents the “worst case scenario” mentioned repeatedly in the 4. Discussion TEMPEST procedures.In the Thus, equipment the TEMPEST video evaluation, recovery mainly process upper forcase theletters font are used, Arial because was it facilitates repeated, but this time with the use of thethe uppervideo recovery case process, letters which and represents numbers, the “worst as illustrated case scenario” inmentioned Figure repeatedly 12. We in performed the the tests TEMPEST procedures. Thus, the video recovery process for the font Arial was repeated, but this time for secure asymmetricalwith the use font of the againupper case and letters the and results numbers, areas illustrated shown in inFigure Figure 12. We 13performed. the tests for secure asymmetrical font again and the results are shown in Figure 13. Commented [M1]: incorrect ref order, 255 detected after 26. You jumped the numbers in between.

Commented [M2]: detected 0 before 0. This is wrong order.

Commented [M3]: detected 0 before 0. This is wrong order.

Commented [M4]: detected 0 before 0. This is wrong order.

Commented [M5]: incorrect ref order, 255 detected after 26. You jumped the numbers in between.

Commented [M6]: detected 255 before 255. This is wrong order.

Commented [M7]: incorrect ref order, 255 detected after 26. Figure 12. Image recovered when Arial font with upper case letters was displayed. Figure 12. Image recovered when Arial font with upper case letters was displayed. You jumped the numbers in between. Commented [M8]: detected 255 before 255. This is wrong order.

Commented [M9]: incorrect ref order, 255 detected after 26. You jumped the numbers in between.

Commented [M10]: incorrect ref order, 255 detected after 26. You jumped the numbers in between.

Commented [M11]: detected 255 before 255. This is wrong order.

Commented [M12]: incorrect ref order, 255 detected after 26. You jumped the numbers in between. Figure 13. Image recovered when secure asymmetrical font with upper case letters was displayed. Commented [M13]: detected 255 before 255. This is wrong Color coding in RGB format (red, green and blue) is done by combining in some proportions order. these 3 primary colors, with values between 0 and 255. Thus, the blue color is coded for example Commented [M14]: incorrect ref order, 255 detected after [0,0,255] or “0000FF” in hexadecimal format (HEX) while black is represented by [0,0,0] or "000000" 26. You jumped the numbers in between. (HEX) and the white color of [255,255,255] or "FFFFFF" (HEX). The inverted video option practically means the reversal of the white color with the black, meaning the consideration of the values Commented [M15]: detected 0 before 0. This is wrong [255,255,255] for black and [0,0,0], for white respectively. So it does not represent an additional order. processing of the video CE signal, but it is only the option for a TEMPEST engineer regarding the visualization of the restored image. In the opinion of our specialists, the images restored with the Commented [M16]: detected 0 before 0. This is wrong "reverse video" option enabled are more intelligible and less tiring for the eyes. Due to the fact that order. Appl. Sci. 2020, 10, x FOR PEER REVIEW 11 of 19

five clicks. This is the feature of the German manufacturer, as well as the level of integration for the pre-selection filters. The only difference compared to the first part of the tests performed is that when using the FSWT receiver, we used a gain of 20 dB amplification. However, no significant improvement in the quality of the recovered image is observed and, thus, we can say that the effects of using TEMPEST fonts are the same, regardless of the reception equipment used in our tests.

4. Discussion In the equipment TEMPEST evaluation, mainly upper case letters are used, because it facilitates the video recovery process, which represents the “worst case scenario” mentioned repeatedly in the TEMPEST procedures. Thus, the video recovery process for the font Arial was repeated, but this time with the use of the upper case letters and numbers, as illustrated in Figure 12. We performed the tests for secure asymmetrical font again and the results are shown in Figure 13. Commented [M1]: incorrect ref order, 255 detected after 26. You jumped the numbers in between.

Commented [M2]: detected 0 before 0. This is wrong order.

Commented [M3]: detected 0 before 0. This is wrong order.

Commented [M4]: detected 0 before 0. This is wrong order.

Commented [M5]: incorrect ref order, 255 detected after 26. You jumped the numbers in between.

Commented [M6]: detected 255 before 255. This is wrong order. Appl. Sci. 2020, 10, 2828 11 of 18

Commented [M7]: incorrect ref order, 255 detected after 26. Figure 12. Image recovered when Arial font with upper case letters was displayed. You jumped the numbers in between.

Commented [M8]: detected 255 before 255. This is wrong order.

Commented [M9]: incorrect ref order, 255 detected after 26. You jumped the numbers in between.

Commented [M10]: incorrect ref order, 255 detected after 26. You jumped the numbers in between.

Commented [M11]: detected 255 before 255. This is wrong order.

Commented [M12]: incorrect ref order, 255 detected after 26. You jumped the numbers in between. Figure 13. Image recovered when secure asymmetrical font with upper case letters was displayed. Figure 13. Image recovered when secure asymmetrical font with upper case letters was displayed.Commented [M13]: detected 255 before 255. This is wrong Color coding in RGB format (red, green and blue) is done by combining in some proportions order. these 3 primary colors, with values between 0 and 255. Thus, the blue color is coded for example Color coding in RGB format (red, green and blue) is done by combining in some proportionsCommented these [M14]: incorrect ref order, 255 detected after [0,0,255] or “0000FF” in hexadecimal format (HEX) while black is represented by [0,0,0] or "000000" 26. You jumped the numbers in between. 3 primary colors,(HEX) with and values the white between color of [255,255,255] 0 and 255.or "FFFFFF" Thus, (HEX). the The blue inverted color video is option coded practically for example [0,0,255] or “0000FF” in hexadecimalmeans the reversal format of the white (HEX) color with while the blackblack, meaning is represented the consideration by of [0,0,0] the values or "000000"Commented (HEX) [M15]: detected 0 before 0. This is wrong [255,255,255] for black and [0,0,0], for white respectively. So it does not represent an additional order. and the white colorprocessing of [255,255,255] of the video CE signal, or "FFFFFF" but it is only (HEX). the option The for a invertedTEMPEST engineer video regarding option the practically means the reversal of thevisualization white colorof the restored with theimage. black, In the opinio meaningn of our thespecialists, consideration the images restored of the with values the [255,255,255]Commented [M16]: detected 0 before 0. This is wrong "reverse video" option enabled are more intelligible and less tiring for the eyes. Due to the fact that order. for black and [0,0,0], for white respectively. So it does not represent an additional processing of the video CE signal, but it is only the option for a TEMPEST engineer regarding the visualization of the restored image. In the opinion of our specialists, the images restored with the "reverse video" option enabled are more intelligible and less tiring for the eyes. Due to the fact that the TEMPEST specialist spends several hours each working day with such images displayed, this technical aspect related to the working modeAppl. Sci. is 2020 very, 10, ximportant FOR PEER REVIEW to them. The restored images illustrated in12 of Figures 19 6–13 were performed with the “reverse video” option enabled. Without activating this setting, the image shown in Figure 14 is obtained.

Figure 14. Image recovered when secure asymmetrical font with upper case letters—without reverse Figure 14. Imagevideo recovered option enable. when secure asymmetrical font with upper case letters—without reverse video option enable. We can consider that the text is intelligible for the font size of 36, 28 and 24 and not for all the letters, this statement being valid only for size 36 in case of Arabic numerals, and even at this size, We can considerthe number that 2 can the be easily text confused is intelligible with the number for the8. However, font sizeit can be of observed 36, 28 that and the 24date andof not for all the letters, this statementthe measurements being validcannot be only understood for size for the 36 secure in asymmetrical case of Arabic font with numerals, a size less than and28 and even at this size, for the secure symmetrical font with a size less than 24. We consider that for the font size 12, no the number 2 canalphanumeric be easily character confused is intellig withible, theregardless number of the 8.font However, considered, secure it can asymmetrical be observed or that the date of the measurementssecure symmetrical. cannot be It is understood also true that the for tested the fonts secure are difficult asymmetrical to track even in fontthe Word with Office a size less than 28 editing environment and that the human operator needs an adaptation period to use these fonts. and for the secure symmetricalIn conclusion, we fontconsider with that the a fonts size are less efficient than in terms 24. Weof resistance consider to the thatvideo recovery for the font size 12, no alphanumeric characterprocess and is that intelligible, the secure asymmetrical regardless font ofis more the fontefficient considered, than the secure secure symmetrical asymmetrical one, or secure although the characters of the secure asymmetrical font have been restored with a better contrast. symmetrical. It isThe also documents true edited that with the size tested 12 are fontsimpossible are to direcoverfficult if any to of trackthese fonts even would in be the used. Word Office editing environment and thatNext, the we humanconsidered operatorthat dimension needs 24 represen an adaptationts the intelligibility period limit forto theuse two TEMPEST these fonts. fonts analyzed. Thus, we continued to use as a test video signal a page with size 24, corresponding In conclusion,to all we four consider previously used that fonts. the The fonts image are recovery efficient results incorresponding terms of to resistance this video signal to can the video recovery process and thatbe theseen in secure Figure 15. asymmetrical font is more efficient than the secure symmetrical one, although the characters of the secure asymmetrical font have been restored with a better contrast. The documents edited with size 12 are impossible to recover if any of these fonts would be used.

Figure 15. Image recovered with Font 24: Arial, Times New Roman, secure asymmetrical and secure symmetrical. Appl. Sci. 2020, 10, x FOR PEER REVIEW 12 of 19

the TEMPEST specialist spends several hours each working day with such images displayed, this technical aspect related to the working mode is very important to them. The restored images illustrated in Figures 6–13 were performed with the “reverse video” option enabled. Without activating this setting, the image shown in Figure 14 is obtained.

Figure 14. Image recovered when secure asymmetrical font with upper case letters—without reverse video option enable.

We can consider that the text is intelligible for the font size of 36, 28 and 24 and not for all the letters, this statement being valid only for size 36 in case of Arabic numerals, and even at this size, the number 2 can be easily confused with the number 8. However, it can be observed that the date of the measurements cannot be understood for the secure asymmetrical font with a size less than 28 and Appl. Sci. 2020, 10, 2828 for the secure symmetrical font with a size less than 24. We consider that for the font size 12, no 12 of 18 alphanumeric character is intelligible, regardless of the font considered, secure asymmetrical or secure symmetrical. It is also true that the tested fonts are difficult to track even in the Word Office editing environment and that the human operator needs an adaptation period to use these fonts. Next, we consideredIn conclusion, that dimension we consider that the 24 fonts represents are efficient in theterms intelligibilityof resistance to the video limit recovery for the two TEMPEST process and that the secure asymmetrical font is more efficient than the secure symmetrical one, fonts analyzed. Thus,although we continuedthe characters of tothe usesecure as asymmetrical a test video font have signal been restored a page with a withbetter contrast. size 24, corresponding to The documents edited with size 12 are impossible to recover if any of these fonts would be used. all four previously usedNext, fonts. we considered The imagethat dimension recovery 24 represen resultsts the intelligibility corresponding limit for the two TEMPEST to this video signal can be seen in Figure 15. fonts analyzed. Thus, we continued to use as a test video signal a page with size 24, corresponding to all four previously used fonts. The image recovery results corresponding to this video signal can be seen in Figure 15.

Figure 15. Image recovered with Font 24: Arial, Times New Roman, secure asymmetrical and secure Figure 15. Image recoveredsymmetrical. with Font 24: Arial, Times New Roman, secure asymmetrical and secure symmetrical.

Here, we can identify all the numbers for the secure symmetrical font and partially for the secure asymmetrical. The most readable characters are ‘b’, ‘g’, ‘k’, ‘p’, ‘q’, ‘s’ and ‘t’, while the numbers 2, 3 and 4 can be identiﬁed, even for the secure asymmetrical font. The characters ‘a’, ‘c’, ‘n’, ‘o’, ‘u’ and ‘v’ Appl. Sci. 2020, 10, x FOR PEER REVIEW 13 of 19 can be easily confused with each other (they have an almost identical shape in the restored image) and also the letters ‘g’ and ‘y’. Next, we increased the font size to see if the quality of the restored image is improved and the results are not positiveAppl. Sci. in 2020 this, 10, x FOR sense PEER REVIEW (the text is not intelligible), as can be seen13 of in 19 Figure 16.

Here, we can identify all the numbers for the secure symmetrical font and partially for the secure asymmetrical. The most readable characters are ‘b’, ‘g’, ‘k’, ‘p’, ‘q’, ‘s’ and ‘t’, while the numbers 2, 3 and 4 can be identified, even for the secure asymmetrical font. The characters ‘a’, ‘c’, ‘n’, ‘o’, ‘u’ and ‘v’ can be easily confused with each other (they have an almost identical shape in the restored image) and also the letters ‘g’ and ‘y’. Next, we increased the font size to see if the quality of the restored image is improved and the results are not positive in this sense (the text is not intelligible), as can be seen in Figure 16.

Figure 16. Image recovered with Font 28: Arial, Times New Roman, secure asymmetrical and secure Figure 16. Image recoveredsymmetrical. with Font 28: Arial, Times New Roman, secure asymmetrical and

secure symmetrical. For intelligibility reasons, we have introduced blank spaces between alphanumeric characters written with secure asymmetrical and secure symmetrical fonts. The result can be seen in Figure 17. For intelligibilityIn this reasons, case, we consider we havethat the letters introduced ‘b’, ‘c’, ‘d’, ‘f’, blank ‘p’, ‘q’, ‘r’, spaces ‘s’ and ‘t’ can between be identified alphanumeric for the characters secure asymmetrical font and the letters ‘b’, ‘f’, ‘m’, ‘p’, ‘q’, ‘r’, ‘s’ and ‘t’ for the secure symmetrical Figure 16. Image recovered with Font 28: Arial, Times New Roman, secure asymmetrical and secure font. written with secure asymmetricalsymmetrical. and secure symmetrical fonts. The result can be seen in Figure 17. The numbers from 1 to 7 can be identified for the secure symmetrical font, while the secure In this case, we considerasymmetricalFor thatintelligibility font the makes reasons, letters it impossible we ‘b’, have to ‘c’,introduced identify ‘d’, the blank ‘f’, numbers ‘p’,spaces 5 ‘q’,and between 6. ‘r’, alphanumeric ‘s’ and ‘t’characters can be identiﬁed for the secure asymmetricalwritten font andwith secure the asymmetrical letters ‘b’, and ‘f’,secure ‘m’, symmetri ‘p’,cal ‘q’, fonts. ‘r’, The ‘s’ result and can ‘t’be seen for in the Figure secure 17. symmetrical font. In this case, we consider that the letters ‘b’, ‘c’, ‘d’, ‘f’, ‘p’, ‘q’, ‘r’, ‘s’ and ‘t’ can be identified for the The numbers fromsecure asymmetrical 1 to 7 can font and be the identiﬁed letters ‘b’, ‘f’, ‘m’, for ‘p’, the‘q’, ‘r’, secure ‘s’ and ‘t’ for symmetrical the secure symmetrical font, while the secure font. asymmetrical font makesThe itnumbers impossible from 1 to 7 tocan identifybe identified for the the numbers secure symmetrical 5 and font, 6. while the secure asymmetrical font makes it impossible to identify the numbers 5 and 6.

Figure 17. Image recovered with Font 28 with blank spaces: secure asymmetrical and secure symmetrical.

As we mentioned before, we can conclude that secure asymmetrical font is safer than secure symmetrical and for this reason we repeated the test in which all the alphanumeric characters were displayed with the fonts Arial, Times New Roman (TNR) and secure asymmetrical with dimension 28 (we skipped over dimension 24), as illustrated in Figure 18. Figure 17. Image recoveredFigure with17. Image Font recovered 28 with Font blank 28 with spaces:blank spaces: secure secure asymme asymmetricaltrical and secureand secure symmetrical. symmetrical.

Appl. Sci. 2020, 10, x FOR PEER REVIEW 14 of 19

Figure 18. FontFigure 28:18. Font Arial, 28: Arial, TNR TNR and and secure secure asymmetrical—upper asymmetrical—upper case. case. We can observe in Figure 18 that the fonts Arial and Times New Roman are 100% intelligible, We can observewhile the in secure Figure asymmetrical 18 that font the is not fonts intelligibl Ariale at all. and We have Times further New introduced Roman blank arespaces 100% intelligible, between alphanumeric characters to increase the degree of intelligibility, as illustrated in Figure 19. while the secure asymmetricalOur attempt was font partially is successful, not intelligible meaning that at the all. letters We ‘C’, have ‘E’, ‘F’, further ‘G’, ‘L’, ‘P’ introduced and ‘T’ are blank spaces between alphanumeric30% intelligible, characters as well as to the increase numbers ‘5’, the ‘6’ and degree ‘7’. Next, of we intelligibility, wrote the alphanumeric as illustrated characters in Figure 19. with bold and the result can be seen in Figure 20. As we can see, the level of intelligibility for the

Our attemptsecure was asymmetrical partially font successful, does not increase meaning compared that to Figure the 19. letters ‘C’, ‘E’, ‘F’, ‘G’, ‘L’, ‘P’ and ‘T’ are 30% intelligible, as wellSince aswe thewereFigure numbersnot 18. successfulFont 28: ‘5’,Arial, in ‘6’ TNR understanding and and secure ‘7’. asymmetrical—upper Next, the information we wrote case.written the alphanumericwith secure characters asymmetrical font contained in the video restorations illustrated above, we increased the font to the with bold and themaximum resultWe can canpossible observe be size seenin fromFigure in our 18 Figure point that theof view,20 fonts. Asrespective Arial we and canly Times size see, 72. New We the Roman have level also are left of 100% the intelligibility intelligible,font size 36 for the secure asymmetrical fontandwhile does 28 the for secure comparison not increaseasymmetrical reasons compared fontand theis not result intelligibl tois shown Figuree at inall. Figure We19 .have 21. further introduced blank spaces betweenIn order alphanumeric to analyze charactersthe characteristics to increase of each the degreealphanumeric of intelligibilit charactery, as of illustratedthe secure asymmetricalin Figure 19. Since we werefont,not Ourwe continuedattempt successful was the partially tests in only understanding successful, with the meaning display theofthat the the information size letters 72 characters ‘C’, ‘E’, ‘F’, written and ‘G’, numbers, ‘L’, ‘P’ with and both ‘T’ secure arefor asymmetrical font contained inupper30% the intelligible, and video lower ascase restorations well letters, as the as numbers can be illustrated seen ‘5’, in‘6’ Figure and ‘7’. 22a–c. above, Next, we wewrote increased the alphanumeric the characters font to the maximum with bold and the result can be seen in Figure 20. As we can see, the level of intelligibility for the possible size fromsecure our asymmetrical point of font view, does respectively not increase compared size to 72. Figure We 19. have also left the font size 36 and 28 for comparison reasonsSince and we the were result not issuccessful shown in in understanding Figure 21 . the information written with secure asymmetrical font contained in the video restorations illustrated above, we increased the font to the In order to analyzemaximum possible the characteristics size from our point of of view, each respective alphanumericly size 72. We character have also left ofthe thefont size secure 36 asymmetrical font, we continuedand the 28 for tests comparison only reasons with theand the display result is ofshown the in size Figure 72 21. characters and numbers, both for upper and lower case letters,In order as canto analyze be seenthe characteristics in Figure of each22a–c. alphanumeric character of the secure asymmetrical font, we continued the tests only with the display of the size 72 characters and numbers, both for upper and lower case letters, as can be seen in Figure 22a–c.

Figure 19. Font 28 with blank spaces: Arial, TNR and secure asymmetrical.

Figure 19. FontFigure 28 19. with Font 28 blank with blank spaces: spaces: Arial, TNR TNR and secure and asymmetrical. secure asymmetrical. Appl. Sci. 2020, 10, 2828 14 of 18 Appl. Sci. 2020, 10, x FOR PEER REVIEW 15 of 19 Appl. Sci. 2020, 10, x FOR PEER REVIEW 15 of 19

Figure 20. FontFigure 28 20. with Font blank 28 with spaces:blank spaces: Arial, Arial, TNR TNR and se securecure asymmetrical—bold asymmetrical—bold with blank withspaces. blank spaces. Figure 20. Font 28 with blank spaces: Arial, TNR and secure asymmetrical—bold with blank spaces.

Figure 21. Size 72, 36, 28 without blank spaces: secure asymmetrical font. Figure 21.FigureSize 21. 72, Size 36, 72, 28 36, without 28 without blank blank spaces: spaces: secure secure asymmetrical asymmetrical font. font. From Figure 22, we can observe that certain alphanumeric characters have similar shape characteristicsFrom Figure and 22,can webe verycan easilyobserve confused that certain between alphanumeric each other if charactersthey are not have even similar identical: shape From Figurecharacteristics1. lower22, case we and letters can be that observevery have easily similar thatconfused shape certain between (Figure alphanumeric each 22a) other if they are characters not even identical: have similar shape characteristics and1. lower can• thecase be letters veryletters ‘a’, easilythat ‘c’ have and confused ‘o’;similar shape between (Figure 22a) each other if they are not even identical: •• thethe lettersletters ‘a’,‘I’, ‘j’‘c’ and and ‘r’; ‘o’; 1. lower case letters•• thethe that lettersletters have ‘I’,‘l’ and‘j’ similar and ‘t’; ‘r’; shape (Figure 22a) •• thethe lettersletters ‘l’‘g’ and and ‘t’; ‘y’. 2. upper• case letters that have similar shape (Figure 22b) the letters ‘a’,the ‘c’ letters and ‘g’ ‘o’; and ‘y’. • 2. upper• thecase letters letters ‘A’, that ‘B’, have ‘D’, similar ‘O’ and shape ‘Q’; (Figure 22b) the letters•• ‘I’,thethe ‘j’ lettersletters and ‘A’, ‘r’;‘I’ and ‘B’, ‘J’. ‘D’, ‘O’ and ‘Q’; • the letters3. the• ‘l’numericalthe and letters ‘t’; characters ‘I’ and ‘J’. can be differentiated between each other, as we can see in Figure 22c. • 3.Additionally, the numerical some characters numbers can can be differentiatedbe easily confused between with each the other,capital as letters we can as see follows: in Figure ‘2’ with22c. the‘Z’, letters ‘1’ with ‘g’ ‘I’ andand ‘8’ ‘y’. with ‘B’. • Additionally, some numbers can be easily confused with the capital letters as follows: ‘2’ with ‘Z’, ‘1’ with ‘I’ and ‘8’ with ‘B’. 2. upper case letters that have similar shape (Figure 22b)

the letters ‘A’, ‘B’, ‘D’, ‘O’ and ‘Q’; • the letters ‘I’ and ‘J’. • 3. the numerical characters can be diﬀerentiated between each other, as we can see in Figure 22c.

Additionally, some numbers can be easily confused with the capital letters as follows: ‘2’ with ‘Z’, ‘1’ with ‘I’ and ‘8’ with ‘B’. Appl. Sci. 2020, 10, 2828 15 of 18

Appl. Sci. 2020, 10, x FOR PEER REVIEW 16 of 19

(a)

(b)

(c)

Figure 22. Secure asymmetrical font 72: (a) lower case letters with blank spaces, (b) upper case letters Figure 22. Securewith blank asymmetrical spaces, (c) numbers font 72:with (blanka) lower spaces. case letters with blank spaces, (b) upper case letters with blank spaces, (c) numbers with blank spaces. Appropriate tests were carried out for VGA standard. The standard is still very popular in Appropriateclassified tests systems, were because carried it has out a higher for VGA resistance standard. to electromagnetic The standard infiltrationis than still the very DVI popular in standard. Analyzing Figure 23 and the previous Figures, it can be observed that the new solution in classified systems,form of secure because fonts itis a has universal a higher one. The resistance new approach to could electromagnetic be effective for both infiltration the analogue than the DVI standard. Analyzingand the digital Figure video 23 standards. and the previous Figures, it can be observed that the new solution in form of secure fonts is a universal one. The new approach could be effective for both the analogue and the digital video standards. Appl. Sci. 2020, 10, 2828 16 of 18

Appl. Sci. 2020, 10, x FOR PEER REVIEW 17 of 19

Figure 23. ImageFigure reconstructed 23. Image reconstructed based based on sensitive on sensitive emissions emissions measurement on frequency on frequency 640 MHz 640 MHz (BW (BW = 50 MHz, the size of characters-14 points), from the top: secure symmetrical font, Arial font, = 50 MHz, the size of characters-14 points), from the top: secure symmetrical font, Arial font, secure secure asymmetrical font, Times New Roman font (VGA standard). asymmetrical font, Times New Roman font (VGA standard). 5. Conclusions 5. Conclusions This article presents the results of research and analysis of the possibilities of using secure fonts (secure symmetrical and secure asymmetrical) in the protection of processed text data against This articleelectromagnetic presents infiltration. the results The analyses of research were based and on analysis the visual method of the as possibilities the main method of in using secure fonts (securethe symmetrical classification process and secure of revealing asymmetrical) emissions. in the protection of processed text data against electromagnetic infiltration.The presented secure The analyses fonts are a werenew and based evolving on method the visual that can method support asthe the protection main of method in the text data against electromagnetic eavesdropping. Any new solution that can decide on information classificationsecurity process must of be revealing subject to verification. emissions. The best approach in this case is to assess the effectiveness of The presentedthe method secure by independent fonts are ainstitutions, new and which evolving also have method various that measuring can support devices. theThus, protection it is of text data against electromagneticpossible to carry out eavesdropping. independent analyses, Any and new their solution results can that fully can confirm decide or contradict on information the security suitability of the methods in the area of application under consideration. must be subjectThe to verification.fonts presented in The this paper best can approach be applied in as thisa security case measure is to assessagainst electromagnetic the effectiveness of the method by independentcompromising emissions, institutions, by applyi whichng the also security have policies various that have measuring to be applied devices. to the computer Thus, it is possible to carry out independentand communication analyses, systems. and their results can fully confirm or contradict the suitability of The tests of secure fonts were carried out at two independent institutions: Military the methodsCommunications in the area of applicationInstitute (Poland) under and Special consideration. Telecommunications Services (Romania). These The fontsinstitutions presented used in various thispaper receiving can systems be applied (Military as Communications a security measure Institute: againstTempest electromagneticTest compromisingSystem emissions, DSI 1550A; by applyingSpecial Telecommunications the security policies Services: that Rohde&Schwarz have to be applied FSET22 toand the computer Rohde&Schwarz FSWT), which additionally confirmed the effectiveness of the new proposed and communicationmethod. The systems. tests were carried out in anechoic chambers. The source of unwanted emissions was a The teststypical of secure stationary fonts computer were carried set (in case out of at MCI) two independentand a portable computer institutions: (in caseMilitary of STS). In Communications each Institute (Poland)case, revealing and Specialemissions Telecommunicationswere detected, which were registered Services and (Romania). rasterized. The images These obtained institutions used in this way showed the superiority of the secure fonts over traditional ones in the field of protection various receivingof text information systems against (Military electromagnetic Communications penetration. This Institute: applies to cases Tempest when the Test font Systemcharacter DSI 1550A; Special Telecommunicationssize was not larger than Services: 24 points. Rohde&Schwarz Character recognition FSET22is possible andfor larger Rohde&Schwarz sizes. For traditional FSWT), which additionally confirmedfonts, the text was the readable effectiveness for virtually of any the size new of characters. proposed method. The tests were carried out in The conclusions are also true for analogue graphic standard. In Figure 23, each considered font anechoic chambers.is presented. The The source size of characters of unwanted was equal emissions to 14 points was and athe typical text written stationary by using secure computer fonts set (in case of MCI) andis a very portable difficultcomputer to read. (in case of STS). In each case, revealing emissions were detected, which were registeredThe presented and rasterized. method of using The secure images fonts in obtained the protection in of this text waydata against showed electromagnetic the superiority of the infiltration will still be developed in the future. The fonts must be fully usable, i.e., contain the secure fonts overrequired traditional characters for ones the full in theediting field of text of documents. protection of text information against electromagnetic penetration. This applies to cases when the font character size was not larger than 24 points. Character recognition is possible for larger sizes. For traditional fonts, the text was readable for virtually any size of characters. The conclusions are also true for analogue graphic standard. In Figure 23, each considered font is presented. The size of characters was equal to 14 points and the text written by using secure fonts is very difficult to read. The presented method of using secure fonts in the protection of text data against electromagnetic infiltration will still be developed in the future. The fonts must be fully usable, i.e., contain the required characters for the full editing of text documents. The main originality of the paper stands in the use of the secure symmetrical and secure asymmetrical sets of characters and numbers that were patented by the Polish Office Pattern in the form of the Industrial Design (No. 24487) and Patent (No. 231691). We propose the use of these fonts Appl. Sci. 2020, 10, 2828 17 of 18 to be introduced as one of the official TEMPEST countermeasures in the classified NATO documents, that impose the regulations of the activities involved in this technical field and which represent national security measures for the IT equipment of each Member State (NATO and EU).Their security have been tested by the MCI, Poland, in their laboratory, but here it is the first time when they are also checked in STS, Romania, in an independent laboratory with a different setup and test equipment. Since in the two testing environments there have been obtained similar results, that asses the fact that the secure symmetrical and secure asymmetrical sets of characters and numbers are less vulnerable to interception through revealing electromagnetic emissions. We consider this to be the beginning of a long process of EU and/or NATO endorsement of this TEMPEST protection countermeasure.

6. Patents The secure symmetrical and the secure asymmetrical fonts obtained the protection of Polish Oﬃce Pattern in the form of the Industrial Design (No. 24487) and Patent (No. 231691).

Author Contributions: Conceptualization, I.K., A.B. and S.H.; methodology, I.K. and A.B.; software, I.K. and A.B.; validation, I.K, A.B. and S.H.; formal analysis, I.K. and A.B.; investigation, I.K. and A.B.; resources, I.K., A.B. and S.H.; writing—original draft preparation, I.K., A.B. and S.H.; writing—review and editing, I.K., A.B. and S.H.; visualization, I.K. and A.B.; supervision, I.K. and S.H.; project administration, I.K. and S.H.; All authors have read and agreed to the published version of the manuscript. Funding: This research received no external funding. Conﬂicts of Interest: The authors declare no conﬂict of interest.

References

1. Vuagnoux, M.; Pasini, S. Compromising Electromagnetic Emanations of Wired and Wireless Keyboards. In Proceedings of the 18th Conference on USENIX Security Symposium SSYM’09, Montreal, QC, Canada, 10–14 August 2009; USENIX Association: Berkley, CA, USA, 2009; pp. 1–16.

2. Boitan, A.; Bărtus, ică, R.; Halunga, S.; Popescu, M.; Ionut, ă, I. Compromising Electromagnetic Emanations of Wired USB Keyboards. In Proceedings of the Third International Conference on Future Access Enablers for Ubiquitous and Intelligent Infrastructures (FABULOUS), Bucharest, Romania, 12–14 October 2017; Springer: Cham, Switzerland, 2017. 3. Boitan, A.; Halunga, S.; Bîndar, V.; Fratu, O. Compromising Electromagnetic Emanations of USB Mass Storage Devices. in press. Available online: https://doi.org/10.1007/s11277-020-07329-8 (accessed on 14 April 2020). 4. Wample, B.; Uluagac, S.; Beyah, R. Information Leakage in Encrypted IP Video Traﬃc. In Proceedings of the IEEE Global Communications Conference GLOBECOM, San Diego, CA, USA, 6–10 December 2015; IEEE: Piscataway, NJ, USA, 2015. [CrossRef] 5. Kuhn, M.G. Compromising Emanations: Eavesdropping Risks of Computer Displays; Technical Report No. 577; UCAM-CL-TR-577; University of Cambridge: Cambridge, UK, 2004. 6. Nan, Z.; Yinghua, L.; Qiang, C.; Yiying, W. Investigation of Unintentional Video Emanations from a VGA Connector in the Desktop Computers. IEEE Trans. Electromagn. Compat. 2017, 59, 1826–1834. [CrossRef] 7. Macovei, A.; Butnariu, V.; Boitan, A.; Rosu, G.; Trip, B.; Halunga, S. Detection of Electromagnetic Emissions Transmitted on The Power Line Through Electrical Conduction. In Proceedings of the International Conference on Applied and Theoretical Electricity (ICATE), Craiova, Romania, 4–6 October 2018; IEEE: Piscataway, NJ, USA, 2018. [CrossRef] 8. Smulders, P. The Threat of Information Theft by Reception of Electromagnetic Radiation from RS-232 Cables. Comput. Secur. 2002, 9.[CrossRef]

9. Boitan, A.; Halunga, S.; Bărtus, ică, R.; Bîndar, V. Video signal recovery from the laser printer LCD display. Microelectron. Nanotechnol. 2018, 10977.[CrossRef] 10. Kubiak, I.; Loughry, J. LED Arrays of Laser Printers as Valuable Sources of Electromagnetic Waves for Acquisition of Graphic Data. Electronics 2019, 8, 1078. [CrossRef] 11. Grzesiak, K.; Przybysz, A. Emission Security of Laser Printers. In Concepts and Implementations for Innovative Military Communications and Information Technologies; Military University of Technology: Warsaw, Poland, 2010. Appl. Sci. 2020, 10, 2828 18 of 18

12. Kubiak, I. Laser printer as a source of sensitive emissions. Turk. J. Electr. Eng. Comput. Sci. 2018, 26, 1354–1366. [CrossRef] 13. Boitan, A.; Bătu¸sică, R.; Halunga, S.; Fratu, O. Electromagnetic Vulnerabilities of LCD Projectors. In Proceedings of the 6th Conference on the Engineering of Computer Based Systems, Bucharest, Romania, 2–3 September 2019; University Politechnica of Bucharest: Bucharest, Romania, 2019; pp. 1–6. [CrossRef] 14. Lee, H.K.; Kim, J.H.; Kim, S.C. Emission Security Limits for Compromising Emanations Using Electromagnetic Emanation Security Channel Analysis. IEICE Trans. Commun. 2013, 96, 2639–2649. [CrossRef] 15. Kubiak, I. Video signal level (colour intensity) and effectiveness of electromagnetic infiltration. Bull. Pol. Acad. Sci. 2016, 64, 2007–2018. [CrossRef] 16. Kubiak, I. Influence of the method of colors on levels of electromagnetic emissions from video standards. IEEE Trans. Electromagn. Compat. 2018, 61, 1–9. [CrossRef] 17. Idita, A.; Butnariu, V.; Rosu, G.; Trip, B.; Boitan, A.; Baltag, O. Study of Shielding Effectiveness on Spurious Emissions of Information Systems by Means of Metallic and Carbon Powder Screens. In Proceedings of the International Conference on Applied and Theoretical Electricity (ICATE), Craiova, Romania, 4–6 October 2018; IEEE: Piscataway, NJ, USA, 2018. [CrossRef] 18. Tajima, K.; Ishikawa, R.; Mori, T.; Suzuki, Y.; Takaya, K. A Study on Risk Evaluation of Countermeasure Technique for Preventing Electromagnetic Information Leakage From ITE. In Proceedings of the International Symposium on Electromagnetic Compatibility—EMC, Angers, France, 4–7 September 2017; IEEE: Piscataway, NJ, USA, 2017. [CrossRef] 19. International Telecommunications Union. Mitigation Methods Against Electromagnetic Security Threats; Series K: Protection Against Interference; Recommendation K.115, 11/2015; Telecommunication Standardization Sector of ITU: Geneva, Switzerland, 2015. 20. Kubiak, I. Font Design—Shape Processing of Text Information Structures in the Process of Non-Invasive Data Acquisition. Computers 2019, 8, 70. [CrossRef] 21. Ketenci, S.; Kayikçio˘glu,T.; Gangal, A. Recognition of Sign Language Numbers via Electromyography Signals. In Proceedings of the 23rd Signal Processing and Communications Applications Conference (SIU), Malatya, Turkey, 16–19 May 2015; IEEE: Piscataway, NJ, USA, 2015; pp. 2593–2596. 22. Bahare, J.; Abdolah, C. Persian Sign Language Recognition Using Radial Distance and Fourier Transform. Int. J. Image Graph. Signal Process. 2014, 1, 40–46. [CrossRef] 23. Yuan, K.; Grassi, F.; Spadacini, G.; Pignari, S.A. Crosstalk-Sensitive Loops and Reconstruction Algorithms to Eavesdrop Digital Signals Transmitted Along Differential Interconnects. IEEE Trans. Electromagn. Compat. 2017, 59, 256–265. [CrossRef] 24. Xie, C.H.; Wang, T.; Hao, X.; Yang, M.; Zhu, Y.; Li, Y. Localization and Frequency Identification of Large-Range Wide-Band Electromagnetic Interference Sources in Electromagnetic Imaging System. Electronics 2019, 8, 499. [CrossRef] 25. Ko, W.L. Time Domain Solution of Electromagnetic Problems. Electromagnetics 1992, 12, 403–433. [CrossRef] 26. Cihan, U.; A¸sık,U.; Cantürk, K.; Sarhat, S.; Bilal, K.; Ugur, S. Automatic tempest test and analysis system design. Int. J. Cryptogr. Inf. Secur. 2014, 4.[CrossRef]

© 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).