Slashdot Mirror


Unspoofable Device Identity Using Flash Memory

wiredmikey writes with a story from Security Week that describes a security silver lining to the inevitable errors that arise in NAND flash chips. By seeking out (or intentionally causing) defects in a given part of the chip, a unique profile can be created for any device using NAND flash, which the author says may be obscured, but not reproduced: "[W]e recognize devices (or rather: their flash memory) by their defects. Very much like humans recognize faces: by their defects (or deviations from the 'norm'): a bigger nose, a bit too bushy eyebrows, bigger cheeks. The nice twist is that if an attacker manages to read your device identity, he cannot inscribe it into his own device. Yes, he can create errors — like we did. But he cannot control where in the block they occur as this relies solely on microscopic manufacturing defects in the silicon."
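An added illustration of the matching idea in the summary (not code from the article or its authors): a simulated block whose defect-prone cells are fixed per chip is enrolled by majority vote over several stress rounds, and later reads are compared by Jaccard similarity. The block size, cell counts, error rates, voting rule and threshold are all constructed assumptions.

```python
import random

BLOCK_BITS = 4096   # constructed block size, not taken from the article
WEAK_CELLS = 40     # constructed number of defect-prone cells per chip


class SimulatedBlock:
    """Stand-in for one NAND block; weak cells are fixed at 'manufacture'."""

    def __init__(self, chip_seed):
        rng = random.Random(chip_seed)
        self.weak = frozenset(rng.sample(range(BLOCK_BITS), WEAK_CELLS))
        self._noise = random.Random(chip_seed ^ 0x5EED)

    def stress_and_read(self):
        """Return the bit positions that read back wrong after one stress cycle."""
        # Each weak cell fails most of the time, but not every time.
        errors = {c for c in self.weak if self._noise.random() < 0.9}
        # A few transient errors that are unrelated to the silicon defects.
        errors.update(self._noise.sample(range(BLOCK_BITS), 3))
        return errors


def enroll(block, rounds=7):
    """Build a template from positions that fail in a majority of rounds."""
    counts = {}
    for _ in range(rounds):
        for pos in block.stress_and_read():
            counts[pos] = counts.get(pos, 0) + 1
    return frozenset(p for p, n in counts.items() if n > rounds // 2)


def similarity(template, observed):
    """Jaccard index of two error-position sets (1.0 means identical)."""
    union = template | observed
    return len(template & observed) / len(union) if union else 0.0


def verify(template, observed, threshold=0.6):
    """Accept when the reported error positions are close to the template."""
    return similarity(template, observed) >= threshold


if __name__ == "__main__":
    chip_a, chip_b = SimulatedBlock(1), SimulatedBlock(2)
    template = enroll(chip_a)
    print("same chip:", similarity(template, chip_a.stress_and_read()))
    print("other chip:", similarity(template, chip_b.stress_and_read()))
```

Note that `verify()` judges only the error positions reported to it, so its result is only as trustworthy as the path between the flash and the code doing the comparison.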

8 of 145 comments

  1. Argument from ignorance by zero.kalvin · Score: 4, Insightful

    Just because we don't know a way, that doesn't mean it can't be done.

    1. Re:Argument from ignorance by Joce640k · Score: 4, Insightful

      Can't you create a device emulator and emulate the defects?

      --
      No sig today...
    2. Re:Argument from ignorance by Joce640k · Score: 4, Insightful

      If it can be done in software then it's cheap...hackers have a lot of spare time.

      --
      No sig today...
  2. Unspoofable? by Anonymous Coward · Score: 5, Insightful

    ...you mean I can't create a simple device that works as a flash drive, but every time the OS requests a bad block, it responds with an entirely fake response that just so happens to match the identity of the spoofed drive? Say, by using any low-cost prototyping board to spoof a USB interface? Or SATA interface?

    1. Re:Unspoofable? by Thanshin · Score: 4, Insightful

      And the most retarded part is that just about everyone in any technical community can tell them why the idea is idiotic, useless and dangerous. I mean, there are pretty few things the internet does better than highlight your stupidity; they should learn to use that wonderful virtue.

      Can someone send them a simple email explaining how to first post their new ideas in a tiny forum so children can tell them why it won't work, before talking to the news?

  3. Sigh. We can emulate it. by JensR · Score: 4, Insightful

    So what? We connect another memory device through an FPGA and emulate the error pattern. At least to the extent detected by the software.

  4. Doesn't know what spoofing means. by thegarbz · Score: 4, Insightful

    Spoofing means to make a parody of or misrepresent. Spoofing does not imply that you're duplicating the original device; it means that you make others think it's the original device. You don't need to re-create the hardware errors to do this, just intercept the calls which are looking for this hardware ID, and then spoof it.

    This may be an unduplicatable ID, but it is a far cry from unspoofable.

  5. Re:Defeated by Trusted Computing by KiloByte · Score: 4, Insightful

    If you have a working Treacherous Computing setup that you believe isn't breached, what would you want the technique in the article for? With working TC, you have all of that and more. Without TC, it can be worked around with a simple kernel patch.

    --
    The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.