Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Submission + - Unspoofable Device Identity Using Flash Memory (securityweek.com)

wiredmikey writes: In 1998, Intel announced the introduction of processor identities. Privacy advocates were terrified and it never happened. But a researcher has a new way to identify devices via its flash memory...

Very interesting article on how we can use errors in NAND Flash memory to identify devices — "NAND flash can actually lose data integrity just by reading its contents, but such errors can be corrected using error-correcting codes. Using a small piece of software, we can recognize devices (or rather: their flash memory) by their defects. Very much like humans recognize faces: by their defects (or deviations from the “norm”) a bigger nose, a bit too bushy eyebrows, bigger cheeks."

The nice twist is that if an attacker manages to read your device identity, he cannot inscribe it into his own device. Yes, he can create errors – like we did. But he cannot control where in the block they occur as this relies solely on microscopic manufacturing defects in the silicon....(more)

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Unspoofable Device Identity Using Flash Memory

Comments Filter:

Research is what I'm doing when I don't know what I'm doing. -- Wernher von Braun