Black-bag cryptanalysis
 |
In cryptography, black-bag cryptanalysis is a euphemism for the acquisition of cryptographic secrets via burglary, or the covert installation of keystroke logging or trojan horse software/hardware on target computers or ancillary devices. It is even possible to monitor the electromagnetic emissions of computer displays or keyboards from a distance of 20 metres, and thereby decode what has been typed. This could be done by surveillance technicians, or via some form of bug concealed somewhere in the room.[1]
Regardless of the technique used, such methods are intended to capture highly sensitive information e.g. cryptographic keys, key-rings, passwords or unencrypted plaintext. Typically, the capture takes place without the victim(s) realising it has occurred. Black-bag cryptanalysis is in contrast to a mathematical or technical cryptanalytic attack. The term refers to the black bag of equipment that a burglar would carry or a Black Bag Operation.
As with rubber-hose cryptanalysis, this is technically not a form of cryptanalysis; the term is used sardonically. However, given the free availability of very high strength cryptographic systems, this type of attack is a much more serious threat to most users than mathematical attacks.