http://h30565.www3.hp.com/t5/Feature-Articles/Your-GPU-s-Fingerprint-Could-Lead-to-New-Security-Methods/ba-p/8418
Your GPU's “Fingerprint” Could Lead to New Security Methods
by Andy Patrizio (apatrizio) on 29-10-2012 08:00 AM
starlight_dreamstimefree_141720.jpg
In the online world, a World of Warcraft account can be worth serious money.
With such an incentive, malware is set to steal your WoW login and password,
should you become infected. To protect an account, WoW users have the option
of purchasing an authenticator for a minor fee of $6.50. Of course, if you
lose the authenticator or if it breaks, poof! goes your game access.
Security veterans recognize this as two-factor authentication: a password and
a separate, physical security device that the owner must have in their
possession. While two-factor authentication can greatly increase your
security, it also represents another point of vulnerability because you can
always lose the device.
Researchers in Europe have come up with an alternative. Instead, your
computer's graphics processor unit (GPU) would be the authenticator,
identifying a user by tying him to his specific GPU.
The Physically Unclonable Functions Found in standard PC Components Project,
or PUFFIN, say that every GPU has a unique and defining set of
characteristics that make each GPU as unique and individual as a snowflake or
a fingerprint.
These differences are known as a physical unclonable functions (PUF); they
can only be detected by software and by knowing where to look. This is how
the PUFFIN group found the uniqueness to GPU memory in the first place, since
it was looking for PUFs. The PUFFIN group, which specializes in cryptography,
uses GPUs for number crunching, since these chips are essentially giant math
co-processors. To get higher performance, the PUFFIN group designed an
assembly language application and gained access to the static RAM on the GPU.
One of the things they did was look at the contents of a GPU’s SRAM to see if
the previous contents were still there, explained Dr. Tanja Lange, a
professor in the department of Mathematics and Computer Science at Technische
Universiteit Eindhoven, in Eindhoven, Holland.
What they found looked promising for a PUF. To further investigate the
behavior, they joined forces with two other universities, including the
University of Chicago, and Intrinsic-ID, a Dutch company specializing in
PUFs.
The physical layout of SRAM cells is such that each of them falls to a 0 or 1
when unpowered, Dr. Lange explained. The choice depends on tiny manufacturing
differences. When the SRAM is powered on, these values stay until drivers
overwrite them with data.
Like fingerprints, the behavior of falling to 0 or to 1 is not perfectly
deterministic, but we know how to deal with noisy data. It was known already
that in general SRAM can be used to build PUFs, she said.
What this means is the 0s and 1s of SRAM have a unique arrangement to each
GPU – which enables your GPU to become your authenticator. A WoW gamer won't
need the separate physical authenticator any more, as her GPU can handle
authentication for them.
Or, on the flip side, a GPU could be the validation that allows only a
certain PC to access a certain resource. For example, C-level executives
could have their own secured, private space on a corporate network which only
they could access, with their PC's GPU acting as authentication. No other PC
would be able to access that network space.
The PUFFIN group managed to dig into the GPUs to read out the uninitialized
memory. It could extract the information from Nvidia GPUs using Nvidia's CUDA
language for programming the GPU processor. The researchers have not
experimented with GPUs from AMD or Intel yet but they hope to find a similar
scenario.
In principle, this should apply to anything out there, said Daniel J.
Bernstein, a professor of computer science at the University of Illinois at
Chicago and also a part-time professor at Technische Universiteit Eindhoven.
Whether we can get access from software is a new game for every processor.
There's no reason things should be different for AMD and Intel. There should
be the same variability in static RAM. Whether we can access it is another
question.
GPU makers don't want anyone looking at the initialization memory, so it took
some effort on the part of the Eindhoven group to get at the memory. Access
[to the GPU SRAM] has to be integrated with OS kernel and hypervisor. There's
still more steps to be taken. What we have now is a demo that GPUs have this
identification information we can access and there are no clear obstacles to
using it as security, said Bernstein. But he adds that it's not something
that can be dropped into products today.
Based on what we've seen so far, it is impossible for anyone to clone the
card, said Lange. But turning identity into a full-fledged security
mechanism is several steps we have to go through.
Indeed, it will require an industry-wide standard