With the rising importance of information security, the necessity of implementing better security measures in the physical layer as well as the upper layers is becoming increasing apparent. Given the development of more accurate and less expensive measurement devices, high-performance computers, and larger storage devices, the threat of advanced attacks at the physical level has expanded from the military and governmental spheres to commercial products. In this paper, we review the issue of information security degradation through electromagnetic (EM)-based compromising of security measures in the physical layer (i.e., EM information security). Owing to the invisibility of EM radiation, such attacks can be serious threats. We first introduce the mechanism of information leakage through EM radiation and interference and then present possible countermeasures. Finally, we explain the latest research and standardization trends related to EM information security.

In this paper, we propose periodic and aperiodic security limits for compromising emanations in the VHF and UHF bands. First, we perform the electromagnetic emanation security (EMSEC)-channel measurements in the 200-1000MHz frequency bands. Second, we analyse the pathloss characteristics of the indoor EMSEC-channel based on these measurements. Through this EMSEC-channel analysis, we affirm that the total radio attenuation, which is one of the key parameters for determining the security limits for compromising emanations, follows the Rician distribution. With these results, we propose that periodic and aperiodic emission security limits can be classified into two levels depending on the total radio attenuation and the extent of required confidentiality. The proposed security limits are compared with other security limits and existing civil and military EMC standards.

It is well known that there is relationship between electromagnetic emanation and processing information in IT devices such as personal computers and smart cards. By analyzing such electromagnetic emanation, eavesdropper will be able to get some information, so it becomes a real threat of information security. In this paper, we show how to estimate amount of information that is leaked as electromagnetic emanation. We assume the space between the IT device and the receiver is a communication channel, and we define the amount of information leakage via electromagnetic emanations by its channel capacity. By some experimental results of Tempest, we show example estimations of amount of information leakage. Using the value of channel capacity, we can calculate the amount of information per pixel in the reconstructed image. And we evaluate the effectiveness of Tempest fonts generated by Gaussian method and its threshold of security.