In the online world, a World of Warcraft account can be worth serious money. With such an incentive, malware is set to steal your WoW login and password, should you become infected. To protect an account, WoW users have the option of purchasing an authenticator for a minor fee of $6.50. Of course, if you lose the authenticator or if it breaks, poof! goes your game access.
Security veterans recognize this as two-factor authentication: a password and a separate, physical security device that the owner must have in their possession. While two-factor authentication can greatly increase your security, it also represents another point of vulnerability because you can always lose the device.
Researchers in Europe have come up with an alternative. Instead, your computer's graphics processor unit (GPU) would be the authenticator, identifying a user by tying him to his specific GPU.
The Physically Unclonable Functions Found in standard PC Components Project, or PUFFIN, say that every GPU has a unique and defining set of characteristics that make each GPU as unique and individual as a snowflake or a fingerprint.
These differences are known as a physical unclonable functions (PUF); they can only be detected by software and by knowing where to look. This is how the PUFFIN group found the uniqueness to GPU memory in the first place, since it was looking for PUFs. The PUFFIN group, which specializes in cryptography, uses GPUs for number crunching, since these chips are essentially giant math co-processors. To get higher performance, the PUFFIN group designed an assembly language application and gained access to the static RAM on the GPU.
One of the things they did was look at the contents of a GPU’s SRAM to see if the previous contents were still there, explained Dr. Tanja Lange, a professor in the department of Mathematics and Computer Science at Technische Universiteit Eindhoven, in Eindhoven, Holland.
What they found looked promising for a PUF. To further investigate the behavior, they joined forces with two other universities, including the University of Chicago, and Intrinsic-ID, a Dutch company specializing in PUFs.
The physical layout of SRAM cells is such that each of them falls to a 0 or 1 when unpowered, Dr. Lange explained. The choice depends on tiny manufacturing differences. When the SRAM is powered on, these values stay until drivers overwrite them with data.
"Like fingerprints, the behavior of falling to 0 or to 1 is not perfectly deterministic, but we know how to deal with noisy data. It was known already that in general SRAM can be used to build PUFs," she said.
What this means is the 0s and 1s of SRAM have a unique arrangement to each GPU – which enables your GPU to become your authenticator. A WoW gamer won't need the separate physical authenticator any more, as her GPU can handle authentication for them.
Or, on the flip side, a GPU could be the validation that allows only a certain PC to access a certain resource. For example, C-level executives could have their own secured, private space on a corporate network which only they could access, with their PC's GPU acting as authentication. No other PC would be able to access that network space.
The PUFFIN group managed to dig into the GPUs to read out the uninitialized memory. It could extract the information from Nvidia GPUs using Nvidia's CUDA language for programming the GPU processor. The researchers have not experimented with GPUs from AMD or Intel yet but they hope to find a similar scenario.
"In principle, this should apply to anything out there," said Daniel J. Bernstein, a professor of computer science at the University of Illinois at Chicago and also a part-time professor at Technische Universiteit Eindhoven. "Whether we can get access from software is a new game for every processor. There's no reason things should be different for AMD and Intel. There should be the same variability in static RAM. Whether we can access it is another question."
GPU makers don't want anyone looking at the initialization memory, so it took some effort on the part of the Eindhoven group to get at the memory. "Access [to the GPU SRAM] has to be integrated with OS kernel and hypervisor. There's still more steps to be taken. What we have now is a demo that GPUs have this identification information we can access and there are no clear obstacles to using it as security," said Bernstein. But he adds that it's not something that can be dropped into products today.
"Based on what we've seen so far, it is impossible for anyone to clone the card," said Lange. "But turning identity into a full-fledged security mechanism is several steps we have to go through."
Indeed, it will require an industry-wide standard to get it implemented, said Jon Peddie, president of Jon Peddie Research, who follows the graphics market. "All the game companies will have to agree to set in such a recognition method, an industry-wide measure and record mechanism will have to be picked. Then here comes the patent trolls – unless it can be done open source through an agency like Khronos," he said.
Bob Jueneman, president of Jueneman Consulting, a specialist in information and security consulting, sees potential use and abuse, in this mechanism. "I'm a little concerned that it would be something that would be abused. If some software could use that to authenticate a gamer, then some malware could read it out as well and use it to log into an app or fraudulently use the same," he said.
"It's better than the existing practice of asking your mother's maiden name," Jueneman added. "There's a lot to be said for really bad password management. This could be a really neat way of authenticating, if not a human user, then at least a machine. But to the same extent that could be used for tracking users, not necessarily with their permission. My main concern is: Could that info be cloned?"
Cloning the actual SRAM state in a GPU is not possible, said Dr. Lange. "What we've done so far in our research is reading out this SRAM state. We can of course copy this readout. What we're aiming for is to put an authentication system in place where the GPU never hands over the raw data. Instead the GPU uses it in a challenge-response protocol, just like the secret key in a signature system or zero-knowledge protocol. This does rely on the OS and/or hypervisor shielding the card from bad requests, such as ‘hand over all your secrets,’" she said.
It will be a while before we get those answers. PUFFIN's research is expected to continue through 2015.