Note on History of TEMPEST

30 June 2005. Thanks to A.

http://cryptome.org/tempest-old.htm
http://cryptome.org/nacsim-5000.htm
Comprehensive TEMPEST information: http://www.eskimo.com/~joelm/tempest.html

In the early 1960s the Department of State had a very sophisticated technical surveillance countermeasures program. I was privileged to be a part of it. Among other things, I arranged for various embassy code rooms to become shielded rooms. I was, for a while, the Department of State representative on SCOCE.

(See NACSIM 5000 for what that is).

I heard several accounts about the beginnings of TEMPEST: who discovered it first, when, and how.

I believe that its several origins in different countries are still classified.

I cannot discuss any details of the post-WW II discovery (or re-discovery) of TEMPEST, and how and when each side in the cold war learned of their own and each other's TEMPEST-related vulnerabilities, or of the other side's TEMPEST-related intelligence-gathering activities.

I can say that serious historical work was done to try to figure out what TEMPEST-vulnerable US & UK crypto systems had been used where and when, in order to try to accurately assess what US & UK crypto secrets MIGHT have been compromised to the Soviets at particular times and places in the past.

Bear in mind that the Soviet spy Philby had been MI-6's liason to Washington, and that anything we or the UK told each other about these matters went right to his master's ears.

The historians who dug into this came up, if I recall correctly, with definite suggestions from ancient intelligence files that TEMPEST-like intelligence-gathering techniques had been used by Germany against other countries before WW II and also by the allies against Germany during WW II.

I do not think it was called TEMPEST then - I do not know when the term was first used.

In any case, there were specific reason to believe from Soviet scientific literature that they might have both independently discovered TEMPEST - they have lots of good physicists after all - and that they also inherited it from Germany after the war.

A deep search of European and American patents demonstrated that at least some of the concepts had been understood by a few people for a long, long time.

I believe that NACSIM 5000 contains a couple of minor historical errors.

As I recall it, SCOCE was set up by a National Security Council directive - possibly (I no longer really recall) in response to a suggestion made via NSA &/or CIA through the President's Foreign Intelligence Advisory Board. So SCOCE was in its earliest days referred to as a special committee of the NSC. Those origins were soon lost in the shuffle, and it became, as it really had to be, a primarily NSA-led show.

NACSIM 5000 is definitely wrong about the origin-date of SCOCE's Technical Subcommittee. I know, because I sat on that body too. It definitely existed in the very early 1960s. The product of research into TEMPEST vulnerabilities and their cures were presented through that subcommitee.

I might note that despite the fact that vast numbers of people have been employed by intelligence agencies during the last 40 or 50 years, and even vaster numbers have at least been briefed about TEMPEST, even today many specific TEMPEST-related intelligence collection techniques (that were very well understood forty years ago) have still not yet been clearly and coherently disclosed in the open press. There are hints, but these may only be understood by those who know what they are looking at. In that narrow and probably trivial sense, there are still TEMPEST secrets.

At a more basic level, there are no TEMPEST secrets. TEMPEST is like the atomic bomb: the only real secret was that it was possible. After one knew that, anyone with first class applied physics brains and sufficient (quite modest, really) technological resources could eventually figure out all, or nearly all, of the vulnerabilities, and also their converse: the means by which intelligence might be extracted from compromising emanations.