Slashdot Mirror


NAND Flash Can Verify a Device's Identity

itwbennett writes "Researchers at UC San Diego and Cornell University have developed software that they say can detect variations in flash behavior that are unique to each chip. The system uses 'physically unclonable functions' (PUFs), or variations in manufacturing that are unique to each element of each flash chip. Swanson described one PUF that his team has worked with, called Program Disturb. It uses a type of manufacturing flaw that doesn't affect normal operation but causes problems under test conditions." Related: from last October, another description of such error-based identity assignment.

5 of 34 comments

  1. Yet another perfect key by geogob · · Score: 2

    And the lock that goes with this 'perfect' key will most likely be picked through a deficient identification and validation system.

  2. Properties get more unique as capacity goes up by CaptBubba · · Score: 3, Insightful

    With increasing densities I doubt you have to go so far as to look at program disturb. Even just the distribution of bad cells which are present in all flash chips from the factory happens in a random enough manner to be able to ID each chip. There is no realistic way to be able to duplicate the bad cell pattern either. The only way you could ever hope to do it would be to get a flash chip with no defects (or only a few overlapping ones) and mark extra cells as defective. Feasible for a couple kilobit chip but not possible for gigabit densities.

    A better ID system would be DRAM really. Write blanket 0s to a block of the memory and halt the refresh operation, then read it a second or two later and see how many have flipped to 1 and in what pattern (the 0 to 1 flip takes much longer than the 1 to 0 flip so it would be more reproducible).

  3. legal? by tchdab1 · · Score: 3, Insightful

    How long before it's used as evidence in court?

  4. Re:Which can be defeated by Anonymous Coward · · Score: 2, Interesting

    Actually that would be very difficult. The PUF has a large enough input range so that not all outputs can conceivably be retrieved. After manufacture, the device will be tested with just a few of these inputs (chosen randomly for each device) which are held securely in a database along with its serial number. To test the device, a subset of those inputs are used again with the PUF and if the outputs match within a certain tolerance then the device is genuine, otherwise it is counterfeit.

    The fact that the input space is so large and the particular function results chosen at random and kept secret, makes a man in the middle attack infeasible.
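
The enrollment and verification scheme described in the comment above, as an added example (not part of the original thread and not the researchers' code). The chip is simulated with a hash plus random bit flips; the response width, noise rate, tolerance, serial number and the single-use challenge policy are assumptions.

```python
import hashlib
import random

RESP_BITS = 256    # response width in bits (assumption)
NOISE = 0.02       # chance a bit flips between two reads of one chip (assumption)
TOLERANCE = 0.15   # largest accepted fraction of mismatching bits (assumption)

class SimulatedPUF:
    """Software stand-in for a chip: a fixed hidden variation plus read noise."""
    def __init__(self, seed):
        self._variation = random.Random(seed).getrandbits(256).to_bytes(32, "big")
        self._noise = random.Random(seed ^ 0x5EED)

    def respond(self, challenge):
        digest = hashlib.sha256(self._variation + challenge).digest()
        flips = sum(1 << i for i in range(RESP_BITS) if self._noise.random() < NOISE)
        return int.from_bytes(digest, "big") ^ flips

def enroll(puf, serial, db, count=16):
    """Factory step: record responses to random challenges under the serial."""
    rng = random.SystemRandom()
    db[serial] = {}
    for _ in range(count):
        challenge = rng.getrandbits(128).to_bytes(16, "big")
        db[serial][challenge] = puf.respond(challenge)

def verify(device, serial, db, count=4):
    """Field step: replay a random subset and compare within the tolerance."""
    pairs = db.get(serial, {})
    if len(pairs) < count:
        return False  # unknown serial or enrolled challenges exhausted
    for challenge in random.SystemRandom().sample(sorted(pairs), count):
        expected = pairs.pop(challenge)  # assumption: retire each challenge after one use
        distance = bin(expected ^ device.respond(challenge)).count("1")
        if distance > TOLERANCE * RESP_BITS:
            return False
    return True

if __name__ == "__main__":
    db = {}  # constructed sample database, keyed by a made-up serial number
    genuine, other = SimulatedPUF(1), SimulatedPUF(2)
    enroll(genuine, "SN-0001", db)
    print("genuine chip accepted:", verify(genuine, "SN-0001", db))
    print("different chip accepted:", verify(other, "SN-0001", db))
```

Two reads of the same simulated chip differ in roughly 4% of bits, while an unrelated chip differs in about half, so the 15% threshold separates them with a wide margin.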

  5. Black Box Theory by nashv · · Score: 2

    From TFA

    The hacker might test the NAND flash itself and store the expected values on the chip, then replay the expected results when the chip was tested. In this way, they could impersonate the authentic chip. However, tests showed that there would not be enough room on any chip to store the data needed to carry this out. The amount of data needed would grow with the capacity of the chip and would be orders of magnitude larger than its capacity, he said.

    That's not what a hacker is going to do. A hacker is going to measure the chip's 'response function' to the ID/validation signals. And then he is going to find another chip. Probability dictates that for a sufficiently similar manufacturing process, another chip will have the same occurrence of behaviour NAND cells, except of course they will have a randomly different spatial location on the chip. Then all you need to do is remap the NAND cells' locations through a modified driver, and replicate the response function. You may not even need to have a similar occurrence of behaviours, it could be sufficient to find just enough to replicate the response function.

    There is no need to have a complete deterministic model of the chip. You can treat it as a black box and replicate its essential characteristics in a different way. The principle is a mantra in reverse engineering anyway.

    --
    Entia non sunt multiplicanda praeter necessitatem.