Slashdot Mirror

← Back to Stories (view on slashdot.org)

Graphics Cards: the Future of Online Authentication?

Posted by Soulskill on from the i-am-who-my-pc-says-i-am dept.

Gunkerty Jeb writes "Researchers working on the 'physically unclonable functions found in standard PC components (PUFFIN) project' announced last week that widely used graphics processors could be the next step in online authentication. The project seeks to find uniquely identifiable characteristics of hardware in common computers, mobile devices, laptops and consumer electronics. The researchers realized that apparently identical graphics processors are actually different in subtle, unforgeable ways. A piece of software developed by the researchers is capable of discerning these fine differences. The order of magnitude of these differences is so minute, in fact, that manufacturing equipment is incapable of manipulating or replicating them. Thus, the fine-grained manufacturing differences can act as a sort of a key to reliably distinguish each of the processors from one another. The implication of this discovery is that such differences can be used as physically unclonable features to securely link the graphics cards, and by extension, the computers in which they reside and the persons using them, to specific online accounts."

6 of 178 comments (clear)

  1. What about people with a multiple machines ? by SirGeek · · Score: 4, Insightful

    I have a home Linux machine, my wife's machine, my laptop and my work machine.

    How can I share my authentication amongst them ?

    --
    UPS Sucks
  2. Nice way to sugarcoat it by Hentes · · Score: 5, Insightful

    Why not just admit that they've found the unbreakable DRM? Online authentication is a solved problem.

  3. Why not use MAC address? by aaaaaaargh! · · Score: 5, Insightful

    You can feed false information to the software that reads the characteristics of a graphics card just as you can fake an MAC address. I fail to see a substantial difference.

  4. Re:This could go either way by 0racle · · Score: 5, Insightful

    I often buy my video cards second hand off ebay. I wonder who's accounts I'd be able to get into one day doing that.

    --
    "I use a Mac because I'm just better than you are."
  5. Re:This could go either way by mangobrain · · Score: 4, Insightful

    I was thinking the exact same things. Identifying the hardware is fundamentally different from identifying the person currently using it, and being able to state unequivocally that they are authorising whatever action is taking place. Plus, as you said, hardware gets upgraded. Even worse, though, is that hardware also fails; particularly high-end GPUs nearing the end of a life spent being slightly too hot. Unexpected hardware failure could leave users with no overlap in the usable life of old & new components, meaning they cannot log in to existing accounts in order to register the fingerprint of the new hardware. Also, unless there's a hidden cache of documents I'm missing somewhere, I can't find any details of what these "unclonable functions" actually are, just that they exist. Are they robust against simple replay attacks?

    This all smells like a bad idea to me; something cooked up by a bunch of theorists with very little grounding in practicality. Not sure what part of this could be a "good thing", to be honest.

  6. That makes sense. by overshoot · · Score: 4, Insightful

    Every time I upgrade my graphics card, all of my games stop working.

    I'm sure that there's something wrong with this, but I can't put my finger on it.

    --
    Lacking <sarcasm> tags, /. substitutes moderation as "Troll."