`bPaitinni
`
`Office
`
`The
`Patents
`
`IE 02/0429
`
`ABSTRACT
`
`"SYSTEM METHOD FOR IDENTIFICATION AND AUTHENTICATION OF
`INFORMATION PROCESSING DEVICES"
`
`A system to obtain unique fingerprints from computer equipmentis presented. The
`
`system is able to probabilistically discriminate between two computers with an
`
`arbitrary degree of certainty, The Fingerprint of a system is obtained as a combination
`
`of information that is unique to the hardware and information aboutits configuration
`
`and state. <Fig.4>
`
`1
`
`GOOGLE 1005
`
`1
`
`GOOGLE 1005
`
`
`
`is
`.
`{RRoPcraekRearaetnasane
`
`NL
`
`IE 020429
`
`
`
`SB
`Sho EH Hie ‘i te
`IAUE Copy
`EP
`aoe,
`FOP
`sah ot, Br,
`
`PNDFETEbe
`
`
`SYSTEM AND METHODFOR IDENTIFICATION AND AUTHENTICATI
`INFORMATION PROCESSING DEVICES
`
`BACKGROUND OF THE INVENTION
`
`1.
`
`Field of the Invention
`
`The present
`
`invention relates to the field of digital devices and systems. More
`
`particularly, the present invention relates to identifying such digital devices and systems.
`
`2.
`
`Discussion of Related Art
`
`At present no universally accepted method exists for developing measurements which
`
`uniquely identify a digital device or system based on their physical characteristics. Such an
`
`identification method is highly desirable for authenticating remote access providers. Copyright
`
`infringement could be prevented by authenticating the system on which music is being played,
`
`videos are being displayed, and software is being executed using a unique identifier based on the
`
`physical characteristics of the system. Any system providing use on a restricted basis can benefit
`
`from the security provided by unique identifiers based on physical device properties.
`
`Theprior art fails to provide a unique identifier that is immuneto tampering.
`
`SUMMARY OF THE INVENTION
`
`A unique and private identifier that provides discrimination between two digital devices
`
`exemplified hereinafter by computers (and in general, two electronic appliances) is important for
`
`
`
`OPEN TO: PUBLIC INSPecTps OMMe LIS!op IT Sex5. |
`
`1
`
`i
`
`PRRecCei
`|
`almacite:
`Cet|
`
`tetegne,
`
`2
`
`
`
`E2049
`
`ensuring security and accountability in many applications. For cryptographic applications, the
`
`availability of a computer fingerprint that cannot be faked or duplicated by an attacker can be
`
`used to set a Certificate Authority Scheme such as the one shown schematically in Figure1.
`
`Typically, computing devices are identified by hardware serial numbers or softwarefiles
`
`called keys. Both are easily obtainable by third parties and can be used against the legal owner
`
`of the information. Publication and use of hardware serial numbers are also considered by many
`as a breach ofpersonal freedom. Keys are software files which can beeasily stolen, thus placing
`a tremendous responsibility on the owner of the keys. Mismanagement of keys have breached
`
`many security and copy protection systems. Most notably, CSS, the copy protection scheme on
`
`DVDmovies, was broken one year after its public debut resulting in a loss of copy protection for
`
`the remaining lifecycle of DVD movies and multi-billion dollar losses to the movie industry.
`
`Both serial numbers and keys can be metaphorically considered as passports, driver's licenses or
`
`birth certificates to humans. However when we need to identify someone with a higher degree
`
`of confidence one must resort to biometric techniques.
`
`It is easier to falsify the documents
`
`identifying a person than their physical characteristics.
`
`The present
`
`invention provides a methodology for identification that possesses an
`
`arbitrary degree of confidence. The method develops a fingerprint based on measurements of
`
`analog artifacts exposed during processing by a particular computing device. In the context of
`
`the present invention, a computing device refers to a single processing unit or to several
`
`processing units interconnected to form a network.
`
`3
`
`
`
`[E020479
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`FIG.1 illustrates a certificate authority schemeusinga priorart fingerprint technology.
`
`FIG. 2 illustrates a method of analysis consisting of measuring the deviations from a
`
`linear regression modelof the data obtained inafirst set of m tests.
`
`FIG.3 illustrates a flow chart of development of a CMOSfingerprint.
`
`Fig. 4 illustrates a network fingerprinting scheme.
`
`DETAILED DESCRIPTION OF PREFERRED EMBODIMENT
`
`A minimal model of a ‘device' that is to be identified is one composed ofat least a
`
`processing unit (CPU), a memory unit (MEM comprising RAM and ROM)and a clock (CLK)
`
`that sets the pace and synchronizes the operation of the component parts. Most practical devices
`
`will have additional storage devices (disk,
`
`tapes), communications devices (network cards,
`
`modems) and interfacing devices controllers
`
`(video, keyboards, mouse, etc). Software,
`
`communication protocols and processes can be considered as integrating parts of the system for
`
`identification purposes. Given the enormous variety of designs of computer systems,
`
`this
`
`classification is only descriptive of the functionality of the components, and is not provided as
`
`limiting in any sense.
`
`The most intrinsic effect of the physical layout of the components is a consequenceofthe
`
`finite speed at which information propagates inside a computer. The absolute limit at which the
`
`electrical impulses can travel is given by the (finite) speed of light (~2.99 x 10” m/sec). Table 1
`
`gives the order of magnitude of the times required for electrical impulses to clear some typical
`
`4
`
`
`
`1E020479
`
`distances found in modem computing hardware,
`
`From the measurements of propagation times in a computer hardware system, one can
`conclude that the physical layout (relative distance between components) ofa particular civenit
`
`has an influence on the response time of the corresponding device. Therefore, to discriminate
`
`between two different layouts a very refined clock is needed.
`
`However,
`
`in typical digital
`
`devices, it takes many information exchanges, whose number dependsontheparticular hardware
`
`and software being used, to access or process a particular piece of information. The combination
`
`of finite speed of propagation for the information and the necessary synchronization operations
`
`between diverse components,gives rise to random delays in response times called latency. This
`
`synchronization is often regulated by a common clock signal carried by the control bus. A
`
`conceptual connection between latency and entropy in a physical system can be made in the ©
`
`sense that latency is a measure of the degree of uncertainty aboutthestate of the system.
`
`In addition, in the manufacturing process of any device, there are tolerable imperfections
`
`introduced. These are differences that do not compromise the functionality of the device so long
`
`as component performance lies within certain bounds. For the purposes of the present invention,
`
`these imperfections are a way to characterize and distinguish a particular component from other
`
`components made in the same production line at an equivalent time (same processes, same
`
`equipment, same state for the production line). In principle, no two components possess exactly
`
`the same tolerable imperfections, therefore they should not respond in exactly the same wayto
`
`the same request. However, once a responseis established, e.g. propagation time, the response
`
`must be consistent, at least in a statistical sense, from trial to trial in order to be usable as an
`
`identifier.
`
`5
`
`
`
`IE 020429
`
`Differences in architecture result in systems providing different responses to the same
`
`stimuli, the response beingstatistically the same for the same machine and different for different
`
`machines. It is possible, in principle, to differentiate between systems through the analysis of
`
`their individual responses to identical stimuli.
`
`Distance
`
`Transistors inside a chip
`
`Across the chip Across the Motherboard
`
`Table 1: Time taken bya signaltraveling at light-speed inside a computer
`
`Strong candidates for use as such stimuli are read/write operations.
`
`Read/write
`
`operations are controlled by a memory controller which performslogical to physical translation
`
`processes tailored to each storage device. These controller processes comprise algorithms
`
`employing tables and directories in order to map between the device's physical storage addresses
`
`and logical addresses. The relatively long sequence of operations needed to store/retrieve a byte
`
`is slow, when compared to the electronic transit
`
`times. The average difference between
`
`electronic transit time and the time to store/retrieve a byte is the average latency of the storage
`
`device.
`
`As a non-limiting example, for solid state or dynamic random access memory (DRAM),
`
`the column access strobe (CAS) rating is used to describe how many clock cycles are required
`
`for a particular bit of information to be retrieved from a given storage device. CAS latency
`
`6
`
`
`
`IE 920499.
`
`refers to the number ofclock cycles it takes before a column can be addressed on a DRAM chip.
`
`Latencyis a measure of delay, so a 'CLn' CASlatency factor indicates an n-clock cycle delay.
`A different set of physical rules applies to mechanical storage devices meh as hard
`
`drives. In this case, the average retrieval timeis related to the rotation speed of the device, the
`
`deviations from the average being a consequenceof the dynamic characteristics of the device. In
`
`particular, the influence of turbulence has been documented as a source of uncertainty or latency.
`
`In the case of disks, the relatively long response times of the mechanical components are a
`
`determining factor in information retrieval
`
`time. However,
`
`the same general considerations
`
`concerning the function of the controller unit can be made,
`
`The general idea underlying the present invention can be stated simply as: Given a
`
`minimal appliance consisting of CPU + MEM + CLK,
`
`the latency and the tolerable
`
`imperfections in the components and in the assembly of the system together determine a
`
`particular probability distribution for each of the random variables governing the response times
`
`for a set of measurements. Knowledge of these statistical distributions can be used to
`
`characterize or identify a particular physical computer system. In other words, the method of the
`
`present invention magnifies and uses, for the purposes of identification, the analog effects that
`
`are inherent in the physical performance of a system comprising a plurality of cooperating digital
`
`devices and components.
`
`Another important source of implicit uniqueness is provided by the explicit intrinsic
`
`information concerning a system. This information is unique to each system, but is explicitly
`
`available to external entities (public) or to the operator/administrator of the system (private). For
`
`example, hardware type and serial numbers are unique to each system but they are exposed
`
`7
`
`
`
`IE020429
`
`explicitly to the operating system and the public and are,
`
`therefore, susceptible to being
`
`exploited.
`
`It is possible to associate some commonly used elements of computer identification with
`
`the concept of ID cardsor credentials given to people as meansofidentification or certification
`
`of identity. For example, the internet protocol (IP) address ofa particular node or the computer
`
`name inside a network act as unique identifiers in the same sense that telephone number and
`
`name act as unique identifiers for persons. This type of identifier can be arbitrarily changed at
`
`any time. In general, this type of identifier is publicly exposed as a mean of identification.
`
`Because of this public exposure, this information cannot be deemed as unique to a particular
`
`system. Further, two or more computers can be given the same name.
`
`There are some other pieces of information, such as the CPU serial number, that are
`
`unique to each system. These pieces of information can be moreorless difficult to obtain from
`
`outside the system, but are always exposed explicitly to the operating system. Table 2 illustrates
`
`some examples of identity information that can be used in an authentication scheme. For
`
`identification purposes, uniqueness is easily derivable from a mixture of information that is
`
`public and unique, however for authentication we need to have at least some private and unique
`
`information. Unconditional authentication can only be achieved if the private information is not
`
`explicit. Computer metrics can fulfill this last requirement because collection of such metrics
`
`requires overt stimulation of the system.
`
`8
`
`
`
`IE020429
`
`
`
`Y
`CPUSerial Number
`
`
`ep
`
`
`Network Card MAC Address
`
`
`ComputerMerics[YS
`
`
` PhpPayConiguaion[|(Y
`
`[Explicit|
`
`TiebvacLigandSpexfF
`t |
`
`SofwareLitaakewnei
`t||
`patiesSidSe
`|
`
`
`
`Table 2: Classification of somepieces of information available for identification of a computer
`system.
`
`One way to acquire information that possesses both intrinsic and implicit uniquenessis to
`
`perform timed tests on the devices and identify unique patterns in the statistical distributions of
`
`the measurements obtained. On most systems, the finest possible clock available for such
`
`purposes is the same system clock that the CPU utilizes to synchronize its functions. For
`
`example, on Intel® Pentium® chips there is a special 64-bit registry call the Time Stamp
`
`Counter (TSC) that records clock cycles.
`
`A set of intrinsically and implicitly unique information can be acquired by performing
`
`and timing a pre-arranged series of tasks. A preferred choice of tasks is one such that all
`
`different components of a system are tested with varying degrees of load. For example, the
`
`distribution of elapsed times for performing a combination of memory-swapping and processor
`
`intensive tasks, provides information concerning the architecture of a system.
`
`The combined information gathered from measurements involving more components of a
`
`system increases the degrees of freedom of the timing distributions, making it easier to
`
`8
`
`9
`
`
`
`IE 020499
`
`discriminate among systems. To achieve consistency, absolute control over the process to be
`
`measured must be maintained. For example, Windows 2000 on an Intel
`
`i386-based central
`
`processing unit
`
`(CPU) uses
`
`a distinct paging system for addressing virtual memory.
`
`Manufacturers employing this CPU claim, under normaloperation, to have a 90% hit rate on the
`
`cache (90% of memory accessesresult in addresses that are in pages in the cache and require no
`
`page swapping). Consistency ofstimuli, e.g., the same sequence of memory accesses, is required
`
`to override the Windows 2000 page caching system so that there is certainty that exactly the
`
`same phenomenonis measured every time measurementsare taken using a given stimuli.
`
`To find the characteristic time bounds for a certain system may require the collection of a
`
`considerable number of data points, depending on the precision sought
`
`for
`
`the system
`
`identification,i.e., the more bits desired in a fingerprint for a system, the more points neededto
`
`achieve effective differentiation between systems.
`
`A more efficient way to characterize a system employs information concerning the
`
`distribution of series of timing values, thereby reducing the quantity of trials needed to obtain a
`
`fingerprint of the required bit-length. A distribution can be characterized by its moments.It is
`
`standard to characterize probability distributions by their first and second moments (usually
`
`referred to as mean and variance respectively), but if more parameters are needed, higher order
`
`moments can be employed. Care shall be taken concerning the accuracy of these statistical
`
`values, i.e., the more points measured and included in these calculated moments, the lower the
`
`error in the calculation of these parameters. Therefore a minimum number of samples should be
`
`determined for the accuracy required. The number of samples measurements obtained is
`
`influenced by compromising between accuracy and speed.
`
`In a preferred embodiment,
`
`10
`
`10
`
`
`
`successive momentsofthe distributions ofseries of timing values to characterize a particular
`
`system will be calculated.
`
`Other possibilities for data analysis inchide obtaining integral parameters or deviations
`
`from these. As a non-limiting example, in a set of n measurements of a variable, the average
`
`taken over the first m <n samples can be calculated. This average is then used to calculate the
`
`variance of the rest of the observations with respect to the values obtained by using a linear
`
`regression model, as illustrated in Figure 2.
`
`The concept of fingerprinting can be extended to individualize an entire network of
`
`computers. Althoughstatistical analysis of network traffic patterns has been extensively studied
`
`in the context of Intrusion Detection Systems for network administration, see M. Burgess,
`
`“Thermal Non-Equilibrium Phase Space for Networked Computers”,
`
`Physics Review E,
`
`62:1736, 2000, the treatment of data is different for fingerprinting purposes.
`
`In the case of
`
`intrusion detection,
`
`the state of a computer system is defined as a function of the time
`
`consumption for a known task and the assumption is made that the time required for the
`
`computing network to perform this task is within certain bounds that uniquely characterize the
`
`system.
`
`In the context of fingerprinting applications, it may be necessary to have to partially or
`
`completely halt normal traffic on the network in order to develop a fingerprint that is unique to
`
`the network.
`
`As a further non-limiting example (and empirical proof of the concept), consider an
`
`experiment in which a simple code writes to the available 50 bytes of the CMOSin Intel
`
`Pentium chips of two nearly identical systems A and B. That is, A and B are two similar systems
`
`having the same architecture and components, running the same operating system, and with
`
`10
`
`11
`
`11
`
`
`
`IEC 20429
`
`serial numbers indicating manufacture at essentially the same point in time (using the identical
`
`production line).
`
`In this example, the time taken to fill the 50 bytes for a fixed number of
`
`repetitions is logged from the TSC registry. A flow chart ofthis procedureis illustrated in FIG.
`
`3. A fixed pattern of repetitions of the procedure results in a file with information about each
`
`repetition. Analysis ofstatistical parameters of logged series of measurementsrevealed thatit is
`
`possible to employ these time measurements to discriminate between such nearly identical
`
`systems. That is, it is possible to distinguish, with error probability less than 1/2, whether the
`
`flipping of 50 bytes is taking place in a particular system. Moreover, when the systems being
`
`measured are running under different environmental conditions, changes in the logged write
`
`times occur.
`
`In a personal computer, variousother possibilities exist for developmentof timeseries for
`
`accesses to devices on the PCI bus (network cards, graphics cards, etc.) and IDE devices (hard
`
`drives, disk drives, CD-ROMS,etc.). Information obtained for these devices provide more
`
`variety and possibilities for obtaining a fingerprint of the system.
`
`Thus, a unique identification for a system can be readily obtained and input
`
`to a
`
`fingerprint creation process. For device to device authentication, this explicit unique identity can
`
`be combined with intrinsic and private identity in a typical authentication scheme such as a hash
`
`based challenge-response or a zero knowledgeproof system.
`
`In a challenge-response system, System A sends a
`
`log-on request to System B and
`
`System B replies with a randomly generated "token" (or challenge). System A hashes the
`
`currently logged-on user's cryptographically protected password with the challenge and sendsthe
`
`resulting "response" to System B. System B receives the challenge-hashed response and
`
`1]
`
`12
`
`12
`
`
`
`IE020429
`
`compares it to what it knows to be the appropriate response. (System B takes a copy ofthe
`
`original token - which it generated - and hashesit against what it knowsto bethe user's password
`
`hash from its own database.) If the received response matches the expected response, System A
`
`is successfully authenticated to System B.
`
`A zero-knowledge proof is a protocol that proves that a person or system does have a
`
`piece of information, but
`
`it does not give away the piece of information or any way of
`
`determining the piece of information.
`
`To individualize a specific user, explicit and imtrinsic private uniqueness can be
`
`combined with a user's password or passphrase for a hash-based challenge-response or zero
`
`knowledge system. The combination of the user's passphrase and the computer's identification
`
`will suffice to track and identify a particular user.
`
`At a higher level in the computer other intrinsic uniqueness such as network location and
`
`data location can be employed. Network location can include routing information relative to
`
`other predetermined network locations such as average transmission and response times for these
`
`other locations. Data location can be measured in two ways. At a low level, read times can be
`
`measuredfor file locations on the hard disk that are not typically moved by disk defragmentation
`
`programs, and are repeatable. Thesefiles are typically system files first loaded onto the system
`
`during its initial installation. Conversely, read/write times can be measured for contents within a
`
`block on the hard drive in a location that
`
`is typically untouched by disk defragmentation
`
`programs, whichis also repeatable.
`
`At a still higher level, the user may wish to use a specific floppy disk and/or a CDROM
`
`to help identify the system. This approach has the disadvantage that the user must have the
`
`13
`
`13
`
`
`
`IE 020479
`
`identical disk or CD loaded on the system for taking measurements every time the system needs
`
`to be identified.
`
`Notall of these measurements need be made to develop an identification. Only a subset
`
`need be made. However, the measurements to be made must be determined prior to gathering
`
`the first identity and the identical measurements must be made every time the computeris to be
`
`identified.
`
`The present invention employs a mix of publicly and privately available information that
`
`can be used to uniquely identify a computer system. The identification process of the present
`
`invention can be implemented in such a way that no duplications or falsifications are possible,
`
`making it useful for a keyless authentication scheme with the consequent reduction in key
`
`management costs and weaknesses.
`
`The concept can be applied to scaled down (or minimal) devices and be used in copyright
`
`protection schemes. Also it can be extended up to identify and authenticate networks (Figure 4)
`
`of computers or to device copyright protection schemes for software.
`
`Although the present
`
`invention has been discussed in the context of specific
`
`embodiments, one skilled in the art will realize that other measurement than those included in
`
`this discussion can serve to uniquely identify devices, systems and networks. The specific
`
`embodiments are the preferred embodiments but are not presented as limiting in any sense.
`
`13
`
`14
`
`14
`
`
`
`Whatis claimedis:
`
`1.
`
`A methodfor identifying a computer system comprisingthe steps of:
`
`a. generating an authentication fingerprint of a first computer system
`
`comprising the steps of:
`
`i.
`
`gathering a first set of data comprising n > 1 timing sequences generated
`
`by at least one test that comprises measuring a circuit-level latency of at
`
`least one given operation by said at least one test being performed by
`
`said first computer system,
`
`il.
`
`creating a first secure connection to an identification server from said
`
`first computer system,
`
`ii.
`
`sending said gatheredfirst set of data to said identification server over
`
`said created first secure connection,
`
`iv.
`
`constructing an authentication fingerprint comprising a calculated
`
`statistical distribution of said n = 1 timing sequencesof said sentfirst set
`
`of data, and
`
`v.
`
`storing in a storage media said authentication fingerprint at said
`
`identification server;
`
`b.
`
`testing a second computer system for identity with said first computer system
`
`comprising the stepsof:
`
`i.
`
`gathering a second set ofdata as a verification sample comprising m 2 1
`
`timing sequences generated by said at least one test being performed by
`
`said second computer system,
`
`14
`
`15
`
`15
`
`
`
`IE9 20299
`
`iil.
`
`creating a second secure connection to said identification server from
`
`said second computer system,
`
`iii.
`
`sending said verification sample to said identification server over said
`
`created second secure connection,
`
`iv.
`
`comparing said m 2 1 timing sequencesofsaid verification sample with
`
`said authentication fingerprint to determine if said verification sample
`
`hes within saidstatistical distribution,
`
`vy.
`
`if step b.iv. succeeds, determining said first computer system and said
`
`second computer system to be identical, and
`
`vi.
`
`if step b.iv. fails, determining said first computer system and said second
`
`computer systemsto be not identical,
`
`wherein, m and n can be equalor different
`
`2.
`
`The method of claim 1, wherein said gathering steps ai. and b.i. each further
`
`gather at
`
`least one other physical parameter of said first and second computer system,
`
`respectively, wherein said other physical parameter comprises temperature.
`
`3,
`
`The method of any one of claims 1-2, wherein:
`
`said statistical distribution of step a.iv. is generated by cluster analysis calculating a 2n-
`
`dimensional elliptic ball (n= 1 ) based on said first set of data gathered from said first computer
`
`system; and
`
`said comparing step b.iv. determines if said verification sample lies within said elliptic
`
`ball.
`
`15
`
`16
`
`16
`
`
`
`EO 20429
`
`4,
`
`The method of any one of claims 1-3 wherein said statistical distribution is
`
`modelled by linear regression.
`
`5.
`
`The method of any one of claims 1-4 wherein said statistical distribution is
`
`modelled by a pattern-matching network.
`
`6.
`
`The method of claim 5 wherein said pattern-matching network is a neural
`
`network.
`
`7.
`
`The method of any one of claims 1-6 wherein, said statistical distribution is
`
`modelled by a combination ofat least two statistical modelling techniques.
`
`8.
`
`The method of claim 7 wherein said at least one of said at least two statistical
`
`modelling techniques is selected from the group consisting of cluster analysis and a pattern
`
`matching network.
`
`9.
`
`The method of any one of claims 1-8 whereim, at least one of said first set of data,
`
`said second set of data, said authentication fingerprint and said verification sample is encrypted
`
`prior to any one of sending over a connection and storing in a storage medium.
`
`10.
`
`The method of any one of claims 1-9 wherein at least one of said authentication
`
`fingerprint and said verification sample has been subjected to at least one of a minimum distance
`
`k 2 1 coding scheme and secure hash function prior to any one of sending over a connection and
`
`storing in a storage medium.
`
`11,
`
`The method of any of claims 1-10 wherein a zero-knowledge proof system is used
`
`on a least one sample in order to authenticate the computer system producing the verification
`
`samples to a given confidencelevel.
`
`17
`
`17
`
`
`
`IE020429
`
`12.
`
`The method of any of claims 1-11 wherein said first and second computer systems
`
`each further comprises:
`
`a.
`
`at least one CPU
`
`b.
`
`at least one bank of memoryhavingat least one portion;
`
`c.
`
`at least one bus, said bus being shared by said at least one CPU andsaidatleast
`
`one bank of memory; and
`
`d.
`
`at least one clock sharing said at least one bus.
`
`13.
`
`The method of any of claims 1-11 wherein, each ofsaid first and secondsets of
`
`data further comprises at
`
`least one other computer system identifier selected from the set
`
`consisting of addresses of hardware interfaces and system addressable hardware serial numbers,
`
`wherein the same computer system identifiers are contained in both said first and secondsets of
`
`data.
`
`14.
`
`The method of any of claims 1-11 wherein, each ofsaid first and second sets of
`
`data further comprises at
`
`least one other computer system identifier selected from the set
`
`consisting of IP address of a device interface, hostname, user name, and combined serial and
`
`version numbers of application software and operating system, wherein the same computer
`
`system identifiers are contained in bothsaid first and secondsets of data.
`
`15.|The method of claim 12 wherein:
`
`said at least one portion of said memory bank consists of one of CMOS memory and
`
`system RAM; and
`
`said at least one test measuressaid circuit-level latency of said at least one portion of said
`
`memory bank.
`
`17
`
`18
`
`18
`
`
`
`16.|The method of any of claims 1-15 wherein:
`
`IE 020499
`
`each of said first and said second systems further comprisesa hard disk storage; and
`
`said at least one test measuressaid circuit-level latency ofsaid hard disk storage.
`
`17.
`
`The method of any of claims 1-16 wherein:
`
`eachof said first and second computer systems further comprises at least one addressable
`
`intemal device; and
`
`said at least one test measuressaid circuit-level latency of said at least one addressable
`
`internal device,
`
`18.
`
`The method of any of claims 1-17 wherein:
`
`each of said first and said second computer systems further comprises at least one
`
`addressable external device; and
`
`said at least one test measures said circuit-level latency of said at least one addressable
`
`external device.
`
`19.
`
`The method of any one of claims 1-18 wherein:
`
`each of said first and second computer systems comprises LANs having nodesthat are
`
`physically connected by cables; and
`
`said at least one test further comprises measuring the latency of network operations.
`
`20.
`
`The method of any one of claims 1-19 wherein, each ofsaid first and second
`
`computer systems comprises physically cabled devices.
`
`21,
`
`The method of claim 20 wherein said physically cabled devices are selected from
`
`the group consisting of ATMs,pointof sale terminals, and credit card validators.
`
`18
`
`19
`
`19
`
`
`
`lEucuagg
`
`22.
`
`The method of any of claims 1-21 wherein, each of said first and second computer
`
`systems comprises a wireless device connected to a server via a wireless LAN protocol.
`
`23.
`
`The method of any of claims 1-22 wherein:
`
`each of said first and second computers system comprises a handheld wireless device;
`
`and
`
`said identification server comprises a basestation.
`
`24.
`
`The method of any of claims 1-23 wherein:
`
`each of said first and second computer systems further comprises a biometric scanning
`
`device; and
`
`said identification server comprises a database of both device fingerprints and the
`
`scanned biometric.
`
`25.
`
`The use of the method of anyof claims 1-24 in a digital signature scheme wherein
`
`the originating deviceis a part or full proxy for the signer.
`
`26.
`
`The use of the method of any of claims 1-25 in combination with existing digital
`
`signature schemes.
`
`27.
`
`The use of the method of any of claims 1-26 in an authentication scheme wherein,
`
`said first computer system is an originating device andis an entity to be authenticated.
`
`28.
`
`The use of the method of any of claims 1-27 in an authentication scheme wherein,
`
`an originating device and a user are together considered as an entity to be authenticated.
`
`29.
`
`The use of method of any of claims 1-28 in combination with existing
`
`authentication systems.
`
`19
`
`20
`
`20
`
`
`
`
`
`1. Alice and Bob contact the certificate authority (CA)to initiate the session.
`2. CA request Alice and Bob to run Fingerprint Task and return a hashed version of
`their Finger Prints,
`3. CA checks answers against his recorded values and sends Symmetrie Keys (SK)to
`Alice and Bob.
`
`21
`
`21
`
`
`
`
`
`samples
`
`Figure 2
`
`22
`
`22
`
`
`
`EO 2040,
`
`« CMOS-FP-1.3 Flow Chart
`
`Se T= 100
`
`
`
`Fingerprint read( }
`
`(Conrputes the time #t takes to
`
`fiip SO bytes m CMOS J
`tes}
`
`
`to logfile
`
`Log Time
`
`Repest 500 times
`
`Seti=it5
`
`Repeat Until J= 155
`
`Figure 3
`
`23
`
`23
`
`
`
`e204,
`
`LAN Fingerprint
`
`
`
`40
`Receive FP
`
`
`
`
`
`Return Results
`and Timing
`
`Figure 4
`
`24
`
`24
`
`