This study addresses the risk of TEMPEST attacks on national electronic voting systems due to electromagnetic side-channel leakage. Leveraging publicly available technical documentation of Brazilian electronic voting machines, the authors construct a VGA display emulation environment and combine software-defined radio (SDR) with electromagnetic signal analysis to systematically evaluate, for the first time, the electromagnetic emanations of video signals from real election equipment. The investigation reveals that the system’s high-contrast, minimalist user interface generates highly distinctive electromagnetic signatures that are discernible even through walls, thereby confirming a practical TEMPEST vulnerability. Furthermore, the work introduces a novel paradigm for anticipating side-channel leakage by exploiting publicly accessible information about device design and operation.

In this work, we study the interface of the Brazilian e-Voting Machine (BVM) in the context of electromagnetic side-channel threats commonly referred to as TEMPEST attacks. In a TEMPEST attack against video displays, an eavesdropper uses Software-Defined Radios (SDRs) to recover sensitive information by intercepting electromagnetic emanations generated during video signal transmission. We emulate the BVM using a VGA monitor by leveraging publicly available information disclosed by the electoral authority, including technical specifications, operational rules of the system, and the official BVM interface. Based on this setup, we investigate whether the BVM interface gives rise to a distinctive spectral signature observable through its unintended electromagnetic emissions. Our findings show that design characteristics relevant to a nationwide electoral process -- such as high image contrast, minimal on-screen information, and the prohibition of other electronic devices within the polling station -- result in a simple and highly distinctive spectral signature that can be observed even through a wall in our experiments. Although our experiments do not involve actual BVM hardware, the results raise concerns regarding the system's susceptibility to TEMPEST attacks and highlight the need for further research on protective countermeasures. In this context, our findings may support the design of automatic jammers capable of adaptively targeting compromising frequencies. To the best of our knowledge, this is the first study investigating TEMPEST attacks in the context of an electronic voting system officially adopted by a country.