Slashdot Mirror

← Back to Stories (view on slashdot.org)

Unspoofable Device Identity Using Flash Memory

Posted by timothy on from the double-edged-sword dept.

wiredmikey writes with a story from Security Week that describes a security silver lining to the inevitable errors that arise in NAND flash chips. By seeking out (or intentionally causing) defects in a given part of the chip, a unique profile can be created for any device using NAND flash which the author says may be obscured, but not reproduced: "[W]e recognize devices (or rather: their flash memory) by their defects. Very much like humans recognize faces: by their defects (or deviations from the 'norm') a bigger nose, a bit too bushy eyebrows, bigger cheeks. The nice twist is that if an attacker manages to read your device identity, he cannot inscribe it into his own device. Yes, he can create errors — like we did. But he cannot control where in the block they occur as this relies solely on microscopic manufacturing defects in the silicon."

14 of 145 comments (clear)

  1. Argument from ignorance by zero.kalvin · · Score: 4, Insightful

    Just because we don't know a way. That doesn't mean it can't be done.

    1. Re:Argument from ignorance by Joce640k · · Score: 4, Insightful

      Can't you create a device emulator and emulate the defects?

      --
      No sig today...
    2. Re:Argument from ignorance by Joce640k · · Score: 4, Insightful

      If it can be done in software then it's cheap...hackers have a lot of spare time.

      --
      No sig today...
  2. Famous last words? by migla · · Score: 4, Funny

    "I'm unspoofable! Not even Zeus himself could spoof me!"

    --
    Some of my favourite people are from th US; Vonnegut, Chomsky, Bill Hicks.
  3. Unspoofable? by Anonymous Coward · · Score: 5, Insightful

    ...you mean I can't create a simple device that works as a flash drive, but every time the OS requests a bad block, it responds with an entirely fake response that just so happens to match the identity of the spoofed drive? Say, by using any low-cost prototyping board to spoof a USB interface? Or SATA interface?

    1. Re:Unspoofable? by Thanshin · · Score: 4, Insightful

      And the most retarded part is that just about everyone in any technical community can tell them why the idea is idiotic, useless and dangerous. I mean, there are pretty few things the internet does better than highlight your stupidity; they should learn to use that wonderful virtue.

      Can someone send them a simple email explaining how to first post their new ideas in a tiny forum so children can tell them why it won't work, before talking to the news?

    2. Re:Unspoofable? by tepples · · Score: 4, Informative

      you mean I can't create a simple device [...] by using any low-cost prototyping board to spoof a USB interface? Or SATA interface?

      Markus Jakobsson wrote in the article:

      No need for error-correcting codes; in fact, we will read and write "raw", which is possible since all of this will be done on OS level.

      He's talking about using raw NAND flash without a (hardware) controller, which is more than likely soldered to the motherboard. All USB flash drives have a controller performing error correction, as do all CompactFlash, SD, and Memory Stick memory cards. The only popular consumer flash storage devices that don't have a built-in controller are SmartMedia and xD-Picture cards; the controller for these is inside the camera or the USB card reader.

  4. Sigh. We can emulate it. by JensR · · Score: 4, Insightful

    So what? We connect another memory device through an FPGA and emulate the error pattern. At least to the extend detected by the software.

  5. Not sure if that'd work... by Sprite_tm · · Score: 4, Interesting

    From what I know of flash, the 'bad bits' aren't repeatedly bad. The bad-sector-swap-out-routine in most flash drives and USB sticks will actually swap out a sector after a single read that can't be ECC-corrected, but that doesn't mean all the bits in the sector can't be written correctly ever again.

    For example, in this article (IEEExplore, so paywalled for you, sorry) a generic NAND flash chip has been tested for bit-error-rates. In the 5K write cycles after an average bit has failed, it only failed to be written correctly 4 times more. That would mean that a single erase-rewrite cycle would write the complete sector without any bit errors 99% of the time: to find 'most' of the bad bits, the sector would have to be rewritten 1000s of times every time the software would want to check the fingerprint.

    Not only would that take a fair amount of time, it would also introduce new failed bits. That would mean the ID of the flash chip can only be checked so many times beffore the complete sector goes bad.

  6. Re:What if one more bit goes bad during normal usa by jojoba_oil · · Score: 4, Funny

    What if one more bit goes bad during normal usage..Identity is gone. Any thing tied to it will stop working.."Very much like humans recognize faces: by their defects"..if your son had plastic surgery without your knowledge..you will fail to recognize him?

    Especially if that plastic surgery was done unintentionally just by looking at him one time too many.

  7. Doesn't know what spoofing means. by thegarbz · · Score: 4, Insightful

    Spoofing means to make a parody of or mis-represent. Spoofing does not imply that you're duplicating the original device it means that you make others think it's the original device. You don't need to re-create the hardware errors to do this, just intercept the calls which are looking for this hardware ID, and then spoof it.

    This may be an unduplicatable ID, but it is a far cry from unspoofable.

  8. Re:Defeated by Trusted Computing by KiloByte · · Score: 4, Insightful

    If you have a working Treacherous Computing setup that you believe isn't breached, what would you want the technique in the article for? With working TC, you have all of that and more. Without TC, it can be worked around with a simple kernel patch.

    --
    The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
  9. History repeating itself by mobilityguy · · Score: 5, Informative

    This sounds like an early 80s copy-protection scheme that depended on the bad-sector map of the installed hard drive to identify it. It was reliable because only a low-level format would change the pattern, and very few people ever did a low-level format to their drives. The scheme failed when production improved and most drives could be manufactured error-free.

  10. er... done before? by dogsbreath · · Score: 4, Interesting

    What they are saying is that this hardware has a unique "biometric" and that can be used to definitively identify true chips/boards from fake. Hmmm...

    First thought that popped up is that this isn't new: floppy disks were "copy protected" using defects punched into the original disk. That didn't work out very well so why would this?

    Second thought was that biometrics have strengths and weaknesses and are not unspoofable. Why would this be any different?

    Several other things come to mind:

    1. If a h/w encoded w/o (write only) serial number is not good enough, why is this better? Is it because it is cheaper? ie: the flash mem is already there so additional gates/circuitry is not required?

    2. What happens if the h/w tech changes? ie: flash mem is no longer cheap and ubiquitous because the whole h/w base has moved to a new technology? In other words, it binds h/w verification, which we want to be a reliable long term solution, to h/w technology which is highly volatile. Probably not a good idea.

    3. There is an assumption that these defects are random. I know from experience that many things we assume to be random are actually patterned and predictable. For example: I have observed DRAM chips that power on with repeatable bit patterns that sometimes vary with production run. Highly consistent, quality controlled production runs tends to remove entropy from the product. Faults and errors occur but within well defined constraints. So... disk drives used to fail within a fairly broad standard deviation from the MTBF but now, in a storage centre with hundreds of drives, I get multiple drive failures almost all at once. The standard deviation is much narrower because the manufacturing process is so well controlled. I used to replace drives when they failed and I was confident that the spares and RAID set redundancy would be sufficient to cover the rebuild time. Now I replace drives before the point in time when I expect failures to start because I can get multiple drive failures within the disk rebuild time. The failures are random but correlated. Go figure. Fortunately, tech change often happens before pre-emptive replacement is required.

    If we base a h/w verification scheme on the randomness of some aspect of a manufactured product then the scheme is bound to the manufacturing process. If you change your process then you change the verification confidence and security. Not good to make these things dependent.

    I think that if there is a need to provide h/w verification then the scheme should be controllable and independent of h/w technology and processes. It should also be able to encode other information with it (er ... it should be extensible). Code a w/o number onto the chip that works like PGP or a cert. Forget about biometrics.