Donate $25 for two DVDs of the Cryptome collection of files from June 1996 to the present


17 August 2009


9 September 2008. A Zipped PDF of the full original NSTISSAM TEMPEST/1-92:

http://cryptome.org/nstissam1-92.zip (14.5MB)

26 October 1999: Link to the third part transcription of NSTISSAM TEMPEST/1-92, Sections 6-12: http://cryptome.org/nt1-92-6-12.htm

25 October 1999: The second part transcription of NSTISSAM TEMPEST 1/92, Table of Contents, Sections 1-5: http://cryptome.org/nt1-92-1-5.htm

For comprehensive TEMPEST stuff (non-secret, that is) see The Complete, Unofficial TEMPEST Information Page: http://www.eskimo.com/~joelm/tempest.html

24 October 1999
Source: Hardcopy from the National Security Agency received October 21, 1999. Released in response to an FOIA request dated May 18, 1998. Of twenty-two TEMPEST-related documents requested, only parts of two were released. NSA wrote that most remain classified as SECRET and unreleasable. An appeal for additional releases has been filed.

This an initial part of transcription of a 172-page document released in which classified sections, about half of the volume, have been redacted (indicated by xxxxxxxx). Balance of transcription is underway and will be offered here as completed.

The other release, NSA/CSS Regulation 90-6, Technical Security Program, a 12-page document: http://cryptome.org/nsa-reg90-6.htm

Classification symbols: (U) = unclassified, (C) = classified, FOUO = for official use only. Overstrikes in the original.


CONFIDENTIAL

                     NSTISSAM TEMPEST/1-92
15 December 1992
NSTISS

NATIONAL
SECURITY
TELECOMMUNICATIONS
AND
INFORMATION
SYSTEMS
SECURITY



COMPROMISING EMANATIONS

LABORATORY TEST REQUIREMENTS

ELECTROMAGNETICS (U)





CLASSIFIED BY DIRNSA (NATIONAL MANAGER, NSTISS)
DECLASSIFY ON: ORIGINATING AGENCY'S DETERMINATION REQUIRED

CONFIDENTIAL


NSTISS

NATIONAL
SECURITY
TELECOMMUNICATIONS
AND
INFORMATION
SYSTEMS
SECURITY

                   NATIONAL MANAGER

                                             15 December 1992






                          FOREWORD

     1. (U) National Security Telecommunications and 
Information Systems Security Advisory Memorandum (NSTISSAM) 
TEMPEST/1-92, "Compromising Emanations Laboratory Test 
Requirements, Electromagnetics" specifies test procedures for 
identifying the conducted and electromagnetic radiation 
emanations characteristics of individual equipment in a 
laboratory environment. This NSTISSAM supersedes NSTISSAM 
TEMPEST/l-91, dated 21 March 1991.

     2. (U) This document contains communications security 
material. Access by contractor personnel is restricted to U.S. 
citizens holding final U.S. Government clearances. This 
document is not releasable to the Defense Technical Information 
Center per DoD Instruction 5100.38.

     3. (U) Representatives of the National Security 
Telecommunications and Information Systems Security Committee 
(NSTISSC) may obtain additional copies of this advisory 
memorandum from:

              Executive Secretariat
              National Security Telecommunications and
              Information Systems Security Committee
              National Security Agency
              Fort George G. Meade, MD 20755-6000

     4. (U) U.S. Government contractors are to contact their 
appropriate government agency or Contracting Officer 
Representative regarding distribution of this document.

                         [Signature]


	                 J. M. McCONNELL 
                     Vice Admiral, U.S. Navy


FOR OFFICIAL USE ONLY


[Appendix A, 4 pp., is one of A-M appendices]

CONFIDENTIAL                NSTISSAM TEMPEST/1-92


APPENDIX A

CLASSIFICATION OF COMPROMISING EMANATIONS INFORMATION

A.1. (U) General. -- The Director, National Security Agency, has responsibility for providing guidance on security classification and control of inforrnation pertaining to compromising emanations, including the releasability of this information to foreign nationals.

A.2. (U) Scope. -- These guidelines cover information relating to the control of compromising emanations and supplement those in NTISSI-4002. dated 5 June 1986.

A.3. (U) Rationale. -- Compromising emanations information shall bE classified based on provisions of Executive Order 12356, "National Security Information," dated 2 April 1982.

[Two paragraphs of ten lines redacted]

FOUO b. (U) The following guidelines describe various aspects of the compromising emanations problems and provide levels of classification which shall be assigned to this information The levels of classification indicate the minimum levels of protection which shall be afforded a particular category of compromising emanations information (It may be necessary to assign higher levels of classification to specific categoreis of compromising emanations information depending on such factors as: [three lines redacted]

FOUO c. (U) [Two lines redacted] No person is entitled to possess or access information concerning compromising emanations solely because of his office, position, or type of clearance. No information related to the subject of compromising emanations shall be released to the public through the press, advertising, radio, TV, or other public media without specific written approval from the Director, National Security Agency.

FOUO c. (U) The discussion of TEMPEST information on commercial telephones is discouraged. [One line redacted] Attempts to "talk around" classified TEMPEST information must be avoided.

__________

1 Does not apply to Contractors [Note to unknown redacted section]

A.4. (U) Classification Marking. -- In accordance with the following guidelines, classification markings for compromising emanations information shall be reflected in each paragraph, and at the top and bottom of each page and the cover sheets:

a. (U) For Department of Defense contractors and bidders --
in accordance with the directives of DoD 5220 22-M and the authorization and guidelines of the contractor's/bidder's DD-254.

b. (U) For all other contractors and bidders --
in accordance with appropriate department or agency guidance.

c. (U) For U S. Government testing agencies --
"Classified by NSA/CSSM 123-2 Declassify On: Originating Agency's Determination Required"

A.5. (U) Foreign Release. -- Classified TEMPEST information may be released to foreign nationals only when authorized by the Director, National Security Agency. Address requests for authorization to Director, National Secunty Agency, ATTN: S1, Fort George G. Meade, MD 20755-6000. Each publication which contains classified TEMPEST information shall have the following notation placed on its letter of promulgation, handling instructions or title page.

"This publication or the information it contains may not be released to foreign nationals without prior specific approval from the Director, National Security Agency. All approvals will identify the specific information extracted from this publication authorized for release to specific foreign holders."

A.6. (U) Specific Guidelines. -- This apperldix contains clsssification guidelines which relate only to TEMPEST information. Terms, details of testing, test data, etc., related to standard radio frequency interference (RFI), electromagnetic interference (EMI) or electromagnetic compatibility (EMC) testing are unclassified and are not addressed in these guidelines. These guidelines cover the most common occurrences; if circumstances arise which are not covered by these guidelines, the originator must determine a classification based on the rationale contained in Paragraph A.3 above.

A.7. (U) TEMPEST Classification Chart Outline. -- Tne following is a TEMPEST classification chart to assist in specific problems. The contents of this chare are:

a. (U) Terms (when associated with TEMPEST) and definitions.

b. (U) Policy.

c. (U) General TEMPEST statements.

d. (U) Procedures, techniques, and specifications.

e. (U) Laboratory tests.

A.8. (U) TEMPEST Classification Chart.

a. (U) Terms (when associated with TEMPEST) and Definitions. -- The definitions for the terms listed herein are contained in Appendix A, NACSIM 5000.

Terminology

Classification

Term

Definition

1. (U) Acoustic Emanation UNCLASSIFIED CONFIDENTIAL
2. (U) Average Depth of Correct Symbol (ADCS) UNCLASSIFIED CONFIDENTIAL
3. (U) Bit Density Information UNCLASSIFIED CONFIDENTIAL
4. (U) Compromising Emanations (CE) UNCLASSIFIED UNCLASSIFIED
5. (U) Controlled Space (CS) UNCLASSIFIED UNCLASSIFIED
6. (U) Digraphic Information UNCLASSIFIED CONFIDENTIAL
7. (U) Emission Security UNCLASSIFIED UNCLASSIFIED
8. (U) Fortuitous Conductions (FC) UNCLASSIFIED UNCLASSIFIED
9. (U) Information Ratio (IR) UNCLASSIFIED UNCLASSIFIED
10. (U) Line Conduction (LC) UNCLASSIFIED UNCLASSIFIED
11. (U) Monographic Information UNCLASSIFIED UNCLASSIFIED
12. (U) Polygraphic Information UNCLASSIFIED CONFIDENTIAL
13. (U) Powerline Conduction UNCLASSIFIED UNCLASSIFIED
14. (C) xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx
15. (C) xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx
16. (C) xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx
17. (U) Short Cycle Operation UNCLASSIFIED CONFIDENTIAL
18. (U) Skewed Parallel Signal UNCLASSIFIED CONFIDENTIAL
19. (U) Telecommunications UNCLASSIFIED UNCLASSIFIED
20. (U) TEMPEST UNCLASSIFIED UNCLASSIFIED
21. (U) Transition Density Information UNCLASSIFIED CONFIDENTIAL

Statement

Classification

b. (U) Policy. -- Information indicating the U.S. Goverment's national-level policies, programs, responsibilties, or resources for the control of compromising emanations. CONFIDENTIAL
c. (U) General TEMPEST Statements.
(1) (U) The statement, without gaving details, that a specific plaintext processing equipment/system has TEMPEST deficiencies. (If any specifics are provided, see Paragraph A.8.e).
UNCLASSIFIED
(2) (U) The statement that a TEMPEST-suppressed version of a plaintext processing equipment/system is available. (If any specifics are provided, see Paragraph A.8.e).
UNCLASSIFIED
(3) (U) Schematics or information regarding the technical or perforrnance characteristics of specific counterrneasures (circuits, devices or components) which are identified as being used to control or eliminate the following types of TEMPEST problems if not associated with a specific equipment or system. (If a specific equipment or system is identified, see Paragraph A.8.e).

        (a) (U) Electromagnetic radiation or line conduction
        (b) (C) xxxxxxxxxx

UNCLASSIFIED
xxxxxxxxxx
(4) (U) The statement that a specific equipment/system has been scheduled for a TEMPEST test.
UNCLASSIFIED
(5) (U) Complete or essentially complete listings of TEMPEST documents.
UNCLASSIFIED
d. (U) Procedures, Techniques and Specifications.
(1) (U) Procedures, techniques, and specifications for the detection of compromising emanations which compromise plaintext.
CONFIDENTIAL
(2) (U) Information revealing the specific analytic methods or techniques used to extract information or otherwise exploit compromising emanations related to plaintext.
SECRET
(3) (U) Information revealing newly discovered, or certain special, techniques for interception, analysis, or testing.
TOP SECRET
e. (U) Laboratory Tests. -- The following statements provide guidance relative to system and equipment TEMPEST evaluations.
(1) (U) Test results, or other information, including the information ratio (IR), which indicates that the following TEMPEST vulnerabilities exist with a specific equipment/system which process national security information.

        (a) (U) Emanations within a CS or below a specification limit (i.e., CE) which compromise plaintext.
        (b) (C) [Three lines redacted]

CONFIDENTIAL
xxxxxxxxxx
(2) (U) The statement, without revealing specific details, that an equipment/ system has been modified to meet TEMPEST requirements or that TEMPEST vulnerabilities have been corrected.
UNCLASSIFIED
(3) (U) Information that specific TEMPEST vulnerabilities have been corrected with a specific equipment/system.
CONFIDENTIAL
(4) (C) [Four lines redacted]
xxxxxxxxxx
Note: Schematics and drawings which include TEMPEST xxxxxxxxxxxxxxxxxxxxxxxx are not classified.

CONFIDENTIAL


Transcription and HTML by Cryptome.