subject:"\[cryptography\] Your GPU's “Fingerprint” Could Lead to New Security Methods"

[cryptography] Your GPU's “Fingerprint” Could Lead to New Security Methods

2012-10-30 Thread Eugen Leitl

http://h30565.www3.hp.com/t5/Feature-Articles/Your-GPU-s-Fingerprint-Could-Lead-to-New-Security-Methods/ba-p/8418

Your GPU's “Fingerprint” Could Lead to New Security Methods

by Andy Patrizio (apatrizio) on 29-10-2012 08:00 AM

starlight_dreamstimefree_141720.jpg

In the online world, a World of Warcraft account can be worth serious money.
With such an incentive, malware is set to steal your WoW login and password,
should you become infected. To protect an account, WoW users have the option
of purchasing an authenticator for a minor fee of $6.50. Of course, if you
lose the authenticator or if it breaks, poof! goes your game access.

Security veterans recognize this as two-factor authentication: a password and
a separate, physical security device that the owner must have in their
possession. While two-factor authentication can greatly increase your
security, it also represents another point of vulnerability because you can
always lose the device.

Researchers in Europe have come up with an alternative. Instead, your
computer's graphics processor unit (GPU) would be the authenticator,
identifying a user by tying him to his specific GPU.

The Physically Unclonable Functions Found in standard PC Components Project,
or PUFFIN, say that every GPU has a unique and defining set of
characteristics that make each GPU as unique and individual as a snowflake or
a fingerprint.

These differences are known as a physical unclonable functions (PUF); they
can only be detected by software and by knowing where to look. This is how
the PUFFIN group found the uniqueness to GPU memory in the first place, since
it was looking for PUFs. The PUFFIN group, which specializes in cryptography,
uses GPUs for number crunching, since these chips are essentially giant math
co-processors. To get higher performance, the PUFFIN group designed an
assembly language application and gained access to the static RAM on the GPU.

One of the things they did was look at the contents of a GPU’s SRAM to see if
the previous contents were still there, explained Dr. Tanja Lange, a
professor in the department of Mathematics and Computer Science at Technische
Universiteit Eindhoven, in Eindhoven, Holland.

What they found looked promising for a PUF. To further investigate the
behavior, they joined forces with two other universities, including the
University of Chicago, and Intrinsic-ID, a Dutch company specializing in
PUFs.

The physical layout of SRAM cells is such that each of them falls to a 0 or 1
when unpowered, Dr. Lange explained. The choice depends on tiny manufacturing
differences. When the SRAM is powered on, these values stay until drivers
overwrite them with data.

Like fingerprints, the behavior of falling to 0 or to 1 is not perfectly
deterministic, but we know how to deal with noisy data. It was known already
that in general SRAM can be used to build PUFs, she said.

What this means is the 0s and 1s of SRAM have a unique arrangement to each
GPU – which enables your GPU to become your authenticator. A WoW gamer won't
need the separate physical authenticator any more, as her GPU can handle
authentication for them.

Or, on the flip side, a GPU could be the validation that allows only a
certain PC to access a certain resource. For example, C-level executives
could have their own secured, private space on a corporate network which only
they could access, with their PC's GPU acting as authentication. No other PC
would be able to access that network space.

The PUFFIN group managed to dig into the GPUs to read out the uninitialized
memory. It could extract the information from Nvidia GPUs using Nvidia's CUDA
language for programming the GPU processor. The researchers have not
experimented with GPUs from AMD or Intel yet but they hope to find a similar
scenario.

In principle, this should apply to anything out there, said Daniel J.
Bernstein, a professor of computer science at the University of Illinois at
Chicago and also a part-time professor at Technische Universiteit Eindhoven.
Whether we can get access from software is a new game for every processor.
There's no reason things should be different for AMD and Intel. There should
be the same variability in static RAM. Whether we can access it is another
question.

GPU makers don't want anyone looking at the initialization memory, so it took
some effort on the part of the Eindhoven group to get at the memory. Access
[to the GPU SRAM] has to be integrated with OS kernel and hypervisor. There's
still more steps to be taken. What we have now is a demo that GPUs have this
identification information we can access and there are no clear obstacles to
using it as security, said Bernstein. But he adds that it's not something
that can be dropped into products today.

Based on what we've seen so far, it is impossible for anyone to clone the
card, said Lange. But turning identity into a full-fledged security
mechanism is several steps we have to go through.

Indeed, it will require an industry-wide standard

Re: [cryptography] Your GPU's “Fingerprint” Could Lead to New Security Methods

2012-10-30 Thread Beryl Lusen

On Tue, Oct 30, 2012 at 10:08:06AM +0100, Eugen Leitl wrote:
 
 In the online world, a World of Warcraft account can be worth serious money.
 With such an incentive, malware is set to steal your WoW login and password,
 should you become infected. To protect an account, WoW users have the option
 of purchasing an authenticator for a minor fee of $6.50. Of course, if you
 lose the authenticator or if it breaks, poof! goes your game access.
 
 Security veterans recognize this as two-factor authentication: a password and
 a separate, physical security device that the owner must have in their
 possession. While two-factor authentication can greatly increase your
 security, it also represents another point of vulnerability because you can
 always lose the device.
 
 Researchers in Europe have come up with an alternative. Instead, your
 computer's graphics processor unit (GPU) would be the authenticator,
 identifying a user by tying him to his specific GPU.

/snip

As someone who used to play WoW extensively and was in games development for 
quite a while, I wouldn't find this approach desirable either as a player or a 
developer for this sort of application.  What happens when I swap out my GPU 
for an upgrade?  What about players who play on multiple machines, or use their 
account at a friend's house?  If the key supplied by a GPU gets somehow 
compromised, don't I have to tell the user to buy another?  With authenticators 
I none of these sorts of issues; moreover, I have a clear integration path for 
incorporating the technology, and a simple, well-defined customer service path 
- they offer much more of a whole product solution.  Taking a step back from 
WoW and looking at the larger social-mobile trend you see the same sorts of 
problems; as a user I want secure access from any manner of devices that may 
change on a frequent basis, and as a developer/operator I want a simple, secure 
way to manage that.

I'm not saying there isn't utility in such an approach as is proposed, only 
that it seems to me such utility is predicated on an environment where you 
supply and control the user's hardware and may dictate the user's workflow.  An 
example along these lines would serve better than citing WoW.

-Beryl 
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

Re: [cryptography] Your GPU's ???Fingerprint??? Could Lead to New Security Methods

2012-10-30 Thread Jonas Wielicki

On 30.10.2012 14:30, Natanael wrote:
 Yeah, this looks like TPM with software protection instead of hardware
 protection.
 
 Rootkits can screw it up.

I guess that is why the researchers suggested an on-GPU
challenge-response protocol implementation which would not hand out the
initial SRAM state directly to any software.

 Den 30 okt 2012 14:27 skrev Solar Designer so...@openwall.com:
 
 This is very curious, but ...

 On Tue, Oct 30, 2012 at 10:08:06AM +0100, Eugen Leitl wrote:
 Cloning the actual SRAM state in a GPU is not possible, said Dr. Lange.
 What
 we've done so far in our research is reading out this SRAM state. We can
 of
 course copy this readout. What we're aiming for is to put an
 authentication
 system in place where the GPU never hands over the raw data. Instead the
 GPU
 uses it in a challenge-response protocol, just like the secret key in a
 signature system or zero-knowledge protocol. This does rely on the OS
 and/or
 hypervisor shielding the card from bad requests, such as ???hand over
 all your
 secrets,??? she said.

 ... since it relies on OS and/or hypervisor security anyway, about the
 same functionality and security (not a lot of it) can be achieved by
 keeping the secret in a disk file (protected with filesystem/OS
 permissions) and having the crypto implemented in an OS driver (or
 privileged program).  Use of a GPU does not appear to provide much
 advantage on top of that.  It can't be physically cloned, but if OS
 security fails, then the GPU's secrets can be cloned and the
 authentication protocol simulated in host software (on attacker's
 machine, without the GPU).

 Alexander
 ___
 cryptography mailing list
 cryptography@randombit.net
 http://lists.randombit.net/mailman/listinfo/cryptography

 
 
 
 ___
 cryptography mailing list
 cryptography@randombit.net
 http://lists.randombit.net/mailman/listinfo/cryptography
 

___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

[cryptography] Your GPU's “Fingerprint” Could Lead to New Security Methods

Re: [cryptography] Your GPU's “Fingerprint” Could Lead to New Security Methods

Re: [cryptography] Your GPU's ???Fingerprint??? Could Lead to New Security Methods

3 matches

Site Navigation

Mail list logo

Footer information