Oifig na bPaitinní
The Patents Office

IE 02/0429

ABSTRACT

"SYSTEM AND METHOD FOR IDENTIFICATION AND AUTHENTICATION OF INFORMATION PROCESSING DEVICES"

A system to obtain unique fingerprints from computer equipment is presented. The system is able to probabilistically discriminate between two computers with an arbitrary degree of certainty. The fingerprint of a system is obtained as a combination of information that is unique to the hardware and information about its configuration and state. <Fig. 4>

GOOGLE 1005

SYSTEM AND METHOD FOR IDENTIFICATION AND AUTHENTICATION OF INFORMATION PROCESSING DEVICES

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to the field of digital devices and systems. More particularly, the present invention relates to identifying such digital devices and systems.

2. Discussion of Related Art

At present no universally accepted method exists for developing measurements which uniquely identify a digital device or system based on its physical characteristics. Such an identification method is highly desirable for authenticating remote access providers. Copyright infringement could be prevented by authenticating the system on which music is being played, videos are being displayed, and software is being executed, using a unique identifier based on the physical characteristics of the system. Any system providing use on a restricted basis can benefit from the security provided by unique identifiers based on physical device properties.

The prior art fails to provide a unique identifier that is immune to tampering.

SUMMARY OF THE INVENTION

A unique and private identifier that provides discrimination between two digital devices, exemplified hereinafter by computers (and in general, two electronic appliances), is important for ensuring security and accountability in many applications. For cryptographic applications, the availability of a computer fingerprint that cannot be faked or duplicated by an attacker can be used to set up a Certificate Authority scheme such as the one shown schematically in Figure 1.

Typically, computing devices are identified by hardware serial numbers or software files called keys. Both are easily obtainable by third parties and can be used against the legal owner of the information. Publication and use of hardware serial numbers are also considered by many as a breach of personal freedom. Keys are software files which can be easily stolen, thus placing a tremendous responsibility on the owner of the keys. Mismanagement of keys has breached many security and copy protection systems. Most notably, CSS, the copy protection scheme on DVD movies, was broken one year after its public debut, resulting in a loss of copy protection for the remaining lifecycle of DVD movies and multi-billion dollar losses to the movie industry. Both serial numbers and keys can be metaphorically considered as passports, driver's licenses or birth certificates for humans. However, when we need to identify someone with a higher degree of confidence, one must resort to biometric techniques. It is easier to falsify the documents identifying a person than their physical characteristics.

The present invention provides a methodology for identification that possesses an arbitrary degree of confidence. The method develops a fingerprint based on measurements of analog artifacts exposed during processing by a particular computing device. In the context of the present invention, a computing device refers to a single processing unit or to several processing units interconnected to form a network.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a certificate authority scheme using a prior art fingerprint technology.

FIG. 2 illustrates a method of analysis consisting of measuring the deviations from a linear regression model of the data obtained in a first set of m tests.

FIG. 3 illustrates a flow chart of development of a CMOS fingerprint.

FIG. 4 illustrates a network fingerprinting scheme.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENT

A minimal model of a 'device' that is to be identified is one composed of at least a processing unit (CPU), a memory unit (MEM, comprising RAM and ROM) and a clock (CLK) that sets the pace and synchronizes the operation of the component parts. Most practical devices will have additional storage devices (disk, tapes), communications devices (network cards, modems) and interfacing device controllers (video, keyboards, mouse, etc.). Software, communication protocols and processes can be considered as integrating parts of the system for identification purposes. Given the enormous variety of designs of computer systems, this classification is only descriptive of the functionality of the components, and is not provided as limiting in any sense.

The most intrinsic effect of the physical layout of the components is a consequence of the finite speed at which information propagates inside a computer. The absolute limit at which electrical impulses can travel is given by the (finite) speed of light (~2.99 x 10^8 m/sec). Table 1 gives the order of magnitude of the times required for electrical impulses to clear some typical distances found in modern computing hardware.

From the measurements of propagation times in a computer hardware system, one can conclude that the physical layout (relative distance between components) of a particular circuit has an influence on the response time of the corresponding device. Therefore, to discriminate between two different layouts a very refined clock is needed.

However, in typical digital devices, it takes many information exchanges, whose number depends on the particular hardware and software being used, to access or process a particular piece of information. The combination of the finite speed of propagation of the information and the necessary synchronization operations between diverse components gives rise to random delays in response times called latency. This synchronization is often regulated by a common clock signal carried by the control bus. A conceptual connection between latency and entropy in a physical system can be made in the sense that latency is a measure of the degree of uncertainty about the state of the system.

In addition, in the manufacturing process of any device, there are tolerable imperfections introduced. These are differences that do not compromise the functionality of the device so long as component performance lies within certain bounds. For the purposes of the present invention, these imperfections are a way to characterize and distinguish a particular component from other components made in the same production line at an equivalent time (same processes, same equipment, same state for the production line). In principle, no two components possess exactly the same tolerable imperfections; therefore they should not respond in exactly the same way to the same request. However, once a response is established, e.g. propagation time, the response must be consistent, at least in a statistical sense, from trial to trial in order to be usable as an identifier.

Differences in architecture result in systems providing different responses to the same stimuli, the response being statistically the same for the same machine and different for different machines. It is possible, in principle, to differentiate between systems through the analysis of their individual responses to identical stimuli.

Table 1: Time taken by a signal traveling at light-speed inside a computer

Distance                     Time
Transistors inside a chip    (value not recovered from the scan)
Across the chip              (value not recovered from the scan)
Across the motherboard       (value not recovered from the scan)

Strong candidates for use as such stimuli are read/write operations. Read/write operations are controlled by a memory controller which performs logical to physical translation processes tailored to each storage device. These controller processes comprise algorithms employing tables and directories in order to map between the device's physical storage addresses and logical addresses. The relatively long sequence of operations needed to store/retrieve a byte is slow when compared to the electronic transit times. The average difference between electronic transit time and the time to store/retrieve a byte is the average latency of the storage device.

As a non-limiting example, for solid state or dynamic random access memory (DRAM), the column access strobe (CAS) rating is used to describe how many clock cycles are required for a particular bit of information to be retrieved from a given storage device. CAS latency refers to the number of clock cycles it takes before a column can be addressed on a DRAM chip. Latency is a measure of delay, so a 'CLn' CAS latency factor indicates an n-clock cycle delay.

A different set of physical rules applies to mechanical storage devices such as hard drives. In this case, the average retrieval time is related to the rotation speed of the device, the deviations from the average being a consequence of the dynamic characteristics of the device. In particular, the influence of turbulence has been documented as a source of uncertainty or latency. In the case of disks, the relatively long response times of the mechanical components are a determining factor in information retrieval time. However, the same general considerations concerning the function of the controller unit can be made.

The general idea underlying the present invention can be stated simply as: given a minimal appliance consisting of CPU + MEM + CLK, the latency and the tolerable imperfections in the components and in the assembly of the system together determine a particular probability distribution for each of the random variables governing the response times for a set of measurements. Knowledge of these statistical distributions can be used to characterize or identify a particular physical computer system. In other words, the method of the present invention magnifies and uses, for the purposes of identification, the analog effects that are inherent in the physical performance of a system comprising a plurality of cooperating digital devices and components.

Another important source of implicit uniqueness is provided by the explicit intrinsic information concerning a system. This information is unique to each system, but is explicitly available to external entities (public) or to the operator/administrator of the system (private). For example, hardware type and serial numbers are unique to each system but they are exposed explicitly to the operating system and the public and are, therefore, susceptible to being exploited.

It is possible to associate some commonly used elements of computer identification with the concept of ID cards or credentials given to people as means of identification or certification of identity. For example, the internet protocol (IP) address of a particular node or the computer name inside a network act as unique identifiers in the same sense that telephone number and name act as unique identifiers for persons. This type of identifier can be arbitrarily changed at any time. In general, this type of identifier is publicly exposed as a means of identification. Because of this public exposure, this information cannot be deemed as unique to a particular system. Further, two or more computers can be given the same name.

There are some other pieces of information, such as the CPU serial number, that are unique to each system. These pieces of information can be more or less difficult to obtain from outside the system, but are always exposed explicitly to the operating system. Table 2 illustrates some examples of identity information that can be used in an authentication scheme. For identification purposes, uniqueness is easily derivable from a mixture of information that is public and unique; however, for authentication we need to have at least some private and unique information. Unconditional authentication can only be achieved if the private information is not explicit. Computer metrics can fulfill this last requirement because collection of such metrics requires overt stimulation of the system.

Table 2: Classification of some pieces of information available for identification of a computer system. Only the row labels below are legible in the scan; the Y/N classification columns (one of which is headed "Explicit") and the remaining rows were not recovered.

Information                  Classification
CPU Serial Number            (not recovered from the scan)
Network Card MAC Address     (not recovered from the scan)
Computer Metrics             (not recovered from the scan)

One way to acquire information that possesses both intrinsic and implicit uniqueness is to perform timed tests on the devices and identify unique patterns in the statistical distributions of the measurements obtained. On most systems, the finest possible clock available for such purposes is the same system clock that the CPU utilizes to synchronize its functions. For example, on Intel® Pentium® chips there is a special 64-bit register called the Time Stamp Counter (TSC) that records clock cycles.

A set of intrinsically and implicitly unique information can be acquired by performing and timing a pre-arranged series of tasks. A preferred choice of tasks is one such that all different components of a system are tested with varying degrees of load. For example, the distribution of elapsed times for performing a combination of memory-swapping and processor-intensive tasks provides information concerning the architecture of a system.

The combined information gathered from measurements involving more components of a system increases the degrees of freedom of the timing distributions, making it easier to discriminate among systems. To achieve consistency, absolute control over the process to be measured must be maintained. For example, Windows 2000 on an Intel i386-based central processing unit (CPU) uses a distinct paging system for addressing virtual memory. Manufacturers employing this CPU claim, under normal operation, to have a 90% hit rate on the cache (90% of memory accesses result in addresses that are in pages in the cache and require no page swapping). Consistency of stimuli, e.g., the same sequence of memory accesses, is required to override the Windows 2000 page caching system so that there is certainty that exactly the same phenomenon is measured every time measurements are taken using a given stimulus.

To find the characteristic time bounds for a certain system may require the collection of a considerable number of data points, depending on the precision sought for the system identification, i.e., the more bits desired in a fingerprint for a system, the more points needed to achieve effective differentiation between systems.

A more efficient way to characterize a system employs information concerning the distribution of series of timing values, thereby reducing the quantity of trials needed to obtain a fingerprint of the required bit-length. A distribution can be characterized by its moments. It is standard to characterize probability distributions by their first and second moments (usually referred to as mean and variance respectively), but if more parameters are needed, higher order moments can be employed. Care shall be taken concerning the accuracy of these statistical values, i.e., the more points measured and included in these calculated moments, the lower the error in the calculation of these parameters. Therefore a minimum number of samples should be determined for the accuracy required. The number of sample measurements obtained is a compromise between accuracy and speed.

In a preferred embodiment, successive moments of the distributions of series of timing values will be calculated to characterize a particular system.

Other possibilities for data analysis include obtaining integral parameters or deviations from these. As a non-limiting example, in a set of n measurements of a variable, the average taken over the first m < n samples can be calculated. This average is then used to calculate the variance of the rest of the observations with respect to the values obtained by using a linear regression model, as illustrated in Figure 2.

The concept of fingerprinting can be extended to individualize an entire network of computers. Although statistical analysis of network traffic patterns has been extensively studied in the context of Intrusion Detection Systems for network administration (see M. Burgess, "Thermal Non-Equilibrium Phase Space for Networked Computers", Physical Review E, 62:1736, 2000), the treatment of data is different for fingerprinting purposes. In the case of intrusion detection, the state of a computer system is defined as a function of the time consumption for a known task, and the assumption is made that the time required for the computing network to perform this task is within certain bounds that uniquely characterize the system.

In the context of fingerprinting applications, it may be necessary to partially or completely halt normal traffic on the network in order to develop a fingerprint that is unique to the network.

As a further non-limiting example (and empirical proof of the concept), consider an experiment in which a simple code writes to the available 50 bytes of the CMOS in Intel Pentium chips of two nearly identical systems A and B. That is, A and B are two similar systems having the same architecture and components, running the same operating system, and with serial numbers indicating manufacture at essentially the same point in time (using the identical production line). In this example, the time taken to fill the 50 bytes for a fixed number of repetitions is logged from the TSC register. A flow chart of this procedure is illustrated in FIG. 3. A fixed pattern of repetitions of the procedure results in a file with information about each repetition. Analysis of statistical parameters of logged series of measurements revealed that it is possible to employ these time measurements to discriminate between such nearly identical systems. That is, it is possible to distinguish, with error probability less than 1/2, whether the flipping of 50 bytes is taking place in a particular system. Moreover, when the systems being measured are running under different environmental conditions, changes in the logged write times occur.

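The following is an added Python example, not code from the patent, showing the enrolment and verification steps that the moments discussion and the A/B CMOS experiment above describe: each timing sequence is reduced to its first two moments (mean and variance), the n enrolment sequences of system A define an axis-aligned elliptic acceptance region in that feature space (one reading of the "elliptic ball" of claim 3), and a verification sample of m sequences is accepted only if it falls inside. The timing series are constructed Gaussian stand-ins for logged cycle counts, the tolerance factor k and the Gaussian shape are assumptions of the example, and the function names (synthetic_series, features, enroll, verify, demo) are the example's own.

```python
import random
import statistics
from typing import Dict, List, Sequence, Tuple

Features = Tuple[float, ...]


def synthetic_series(seed: int, mean: float, sd: float, length: int = 200) -> List[float]:
    """Constructed stand-in for one logged timing sequence (e.g. TSC cycle counts for
    repeated runs of a fixed task). The Gaussian shape and the parameters are
    assumptions for the demonstration, not measured data from the patent."""
    rng = random.Random(seed)
    return [rng.gauss(mean, sd) for _ in range(length)]


def features(series: Sequence[float]) -> Features:
    """First and second moments of one timing sequence: (mean, variance)."""
    return statistics.fmean(series), statistics.pvariance(series)


def _centroid(points: Sequence[Features]) -> Features:
    return tuple(statistics.fmean(col) for col in zip(*points))


def enroll(sequences: Sequence[Sequence[float]], k: float = 5.0) -> Dict[str, Features]:
    """Build the authentication fingerprint from n >= 2 enrolment sequences.

    The fingerprint is an axis-aligned elliptic ball in (mean, variance) space: its
    centre is the centroid of the per-sequence feature points and each semi-axis is
    k times the spread of those points along that axis. k is assumed, not from the patent."""
    points = [features(s) for s in sequences]
    centre = _centroid(points)
    spread = tuple(statistics.pstdev(col) for col in zip(*points))
    # Floor the semi-axes so identical enrolment sequences cannot collapse the ball to a point.
    axes = tuple(max(k * sd, 1e-9) for sd in spread)
    return {"centre": centre, "axes": axes}


def verify(fingerprint: Dict[str, Features], sample_sequences: Sequence[Sequence[float]]) -> bool:
    """Accept the m verification sequences only if their centroid lies inside the ball."""
    centroid = _centroid([features(s) for s in sample_sequences])
    distance2 = sum(
        ((x - c) / a) ** 2
        for x, c, a in zip(centroid, fingerprint["centre"], fingerprint["axes"])
    )
    return distance2 <= 1.0


def demo() -> Tuple[bool, bool]:
    """Enrol system A, then test a fresh sample from A and one from a near-identical B."""
    enrol_a = [synthetic_series(100 + i, mean=1000.0, sd=20.0) for i in range(8)]   # n = 8
    fp_a = enroll(enrol_a)
    sample_a = [synthetic_series(200 + i, mean=1000.0, sd=20.0) for i in range(4)]  # m = 4
    sample_b = [synthetic_series(300 + i, mean=1120.0, sd=45.0) for i in range(4)]  # slower, noisier
    return verify(fp_a, sample_a), verify(fp_a, sample_b)


if __name__ == "__main__":
    accepted_a, accepted_b = demo()
    print(f"sample from A accepted: {accepted_a}; sample from B accepted: {accepted_b}")
```

The per-sequence moments are what get compared, so the number of raw samples per sequence controls the error in those moments, exactly the accuracy-versus-speed trade the text describes; widening the ball (larger k) lowers false rejections of the genuine machine at the cost of accepting a more similar impostor.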
In a personal computer, various other possibilities exist for development of time series for accesses to devices on the PCI bus (network cards, graphics cards, etc.) and IDE devices (hard drives, disk drives, CD-ROMs, etc.). Information obtained for these devices provides more variety and possibilities for obtaining a fingerprint of the system.

Thus, a unique identification for a system can be readily obtained and input to a fingerprint creation process. For device to device authentication, this explicit unique identity can be combined with intrinsic and private identity in a typical authentication scheme such as a hash-based challenge-response or a zero knowledge proof system.

In a challenge-response system, System A sends a log-on request to System B and System B replies with a randomly generated "token" (or challenge). System A hashes the currently logged-on user's cryptographically protected password with the challenge and sends the resulting "response" to System B. System B receives the challenge-hashed response and compares it to what it knows to be the appropriate response. (System B takes a copy of the original token - which it generated - and hashes it against what it knows to be the user's password hash from its own database.) If the received response matches the expected response, System A is successfully authenticated to System B.

A zero-knowledge proof is a protocol that proves that a person or system does have a piece of information, but it does not give away the piece of information or any way of determining the piece of information.

To individualize a specific user, explicit and intrinsic private uniqueness can be combined with a user's password or passphrase for a hash-based challenge-response or zero knowledge system. The combination of the user's passphrase and the computer's identification will suffice to track and identify a particular user.

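The challenge-response exchange described above, with the user's protected password and the device fingerprint combined as the preceding paragraph proposes, as an added Python example that is not part of the patent. Both sides are shown: System B issues a fresh random token, System A answers with a keyed hash of that token under the combined user and device secret, and System B recomputes the expected answer from its own records and compares in constant time. The concrete primitives (PBKDF2-SHA256 for the protected password, SHA-256 for the fingerprint digest, HMAC-SHA256 for the response), the one-time consumption of each challenge, and the class and function names (SystemA, SystemB, logon, demo) are choices of this example; the patent names none of them.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple


def password_digest(password: str, salt: bytes) -> bytes:
    """'Cryptographically protected password': PBKDF2-SHA256 is this example's choice."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


def fingerprint_digest(fingerprint: bytes) -> bytes:
    """Only a hash of the device fingerprint is stored or combined, never the raw metrics."""
    return hashlib.sha256(b"device-fingerprint|" + fingerprint).digest()


def response_for(pw_digest: bytes, fp_digest: bytes, token: bytes) -> bytes:
    """The 'response': HMAC of the challenge under the combined user + device secret."""
    return hmac.new(pw_digest + fp_digest, token, hashlib.sha256).digest()


class SystemB:
    """Authenticating side: keeps expected digests, issues one-time challenges, checks responses."""

    def __init__(self) -> None:
        self._records: Dict[str, Dict[str, bytes]] = {}
        self._pending: Dict[str, bytes] = {}

    def register(self, user: str, password: str, fingerprint: bytes) -> bytes:
        salt = secrets.token_bytes(16)
        self._records[user] = {
            "pw": password_digest(password, salt),
            "fp": fingerprint_digest(fingerprint),
        }
        return salt  # the client needs the same salt to reproduce its password digest

    def challenge(self, user: str) -> Optional[bytes]:
        if user not in self._records:
            return None
        token = secrets.token_bytes(32)          # fresh, unpredictable challenge
        self._pending[user] = token
        return token

    def verify(self, user: str, response: bytes) -> bool:
        token = self._pending.pop(user, None)    # a challenge can be answered once only
        if token is None:
            return False
        rec = self._records[user]
        expected = response_for(rec["pw"], rec["fp"], token)
        return hmac.compare_digest(expected, response)   # constant-time comparison


class SystemA:
    """Requesting side: holds the user's protected password and the device fingerprint digest."""

    def __init__(self, password: str, salt: bytes, fingerprint: bytes) -> None:
        self._pw = password_digest(password, salt)
        self._fp = fingerprint_digest(fingerprint)

    def respond(self, token: bytes) -> bytes:
        return response_for(self._pw, self._fp, token)


def logon(server: SystemB, client: SystemA, user: str) -> bool:
    token = server.challenge(user)
    if token is None:
        return False
    return server.verify(user, client.respond(token))


def demo() -> Tuple[bool, bool, bool]:
    # Constructed fingerprint values stand in for the hashed timing fingerprint.
    server = SystemB()
    salt = server.register("alice", "correct-horse-battery", b"fp-of-system-A (constructed)")
    genuine = SystemA("correct-horse-battery", salt, b"fp-of-system-A (constructed)")
    other_box = SystemA("correct-horse-battery", salt, b"fp-of-system-B (constructed)")

    ok = logon(server, genuine, "alice")                # right user, right device
    wrong_device = logon(server, other_box, "alice")    # right password, other hardware

    # Replay: a captured valid response is useless once its challenge has been consumed.
    token = server.challenge("alice")
    captured = genuine.respond(token)
    server.verify("alice", captured)                    # legitimate use consumes the challenge
    replayed = server.verify("alice", captured)
    return ok, wrong_device, replayed


if __name__ == "__main__":
    print(demo())  # expected: (True, False, False)
```

Because the device digest is part of the HMAC key, a correct passphrase on the wrong machine fails in the same way as a wrong passphrase, which is the "user plus device" entity of claims 27 and 28; discarding the token after one verification is what keeps a recorded response from being reused.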
At a higher level in the computer, other intrinsic uniqueness such as network location and data location can be employed. Network location can include routing information relative to other predetermined network locations, such as average transmission and response times for these other locations. Data location can be measured in two ways. At a low level, read times can be measured for file locations on the hard disk that are not typically moved by disk defragmentation programs, and are repeatable. These files are typically system files first loaded onto the system during its initial installation. Conversely, read/write times can be measured for contents within a block on the hard drive in a location that is typically untouched by disk defragmentation programs, which is also repeatable.

At a still higher level, the user may wish to use a specific floppy disk and/or a CD-ROM to help identify the system. This approach has the disadvantage that the user must have the identical disk or CD loaded on the system for taking measurements every time the system needs to be identified.

Not all of these measurements need be made to develop an identification. Only a subset need be made. However, the measurements to be made must be determined prior to gathering the first identity, and the identical measurements must be made every time the computer is to be identified.

The present invention employs a mix of publicly and privately available information that can be used to uniquely identify a computer system. The identification process of the present invention can be implemented in such a way that no duplications or falsifications are possible, making it useful for a keyless authentication scheme with the consequent reduction in key management costs and weaknesses.

The concept can be applied to scaled down (or minimal) devices and be used in copyright protection schemes. It can also be extended to identify and authenticate networks of computers (Figure 4) or to devise copyright protection schemes for software.

Although the present invention has been discussed in the context of specific embodiments, one skilled in the art will realize that other measurements than those included in this discussion can serve to uniquely identify devices, systems and networks. The specific embodiments are the preferred embodiments but are not presented as limiting in any sense.

What is claimed is:

1. A method for identifying a computer system comprising the steps of:

   a. generating an authentication fingerprint of a first computer system comprising the steps of:

      i. gathering a first set of data comprising n ≥ 1 timing sequences generated by at least one test that comprises measuring a circuit-level latency of at least one given operation by said at least one test being performed by said first computer system,

      ii. creating a first secure connection to an identification server from said first computer system,

      iii. sending said gathered first set of data to said identification server over said created first secure connection,

      iv. constructing an authentication fingerprint comprising a calculated statistical distribution of said n ≥ 1 timing sequences of said sent first set of data, and

      v. storing in a storage media said authentication fingerprint at said identification server;

   b. testing a second computer system for identity with said first computer system comprising the steps of:

      i. gathering a second set of data as a verification sample comprising m ≥ 1 timing sequences generated by said at least one test being performed by said second computer system,

      ii. creating a second secure connection to said identification server from said second computer system,

      iii. sending said verification sample to said identification server over said created second secure connection,

      iv. comparing said m ≥ 1 timing sequences of said verification sample with said authentication fingerprint to determine if said verification sample lies within said statistical distribution,

      v. if step b.iv. succeeds, determining said first computer system and said second computer system to be identical, and

      vi. if step b.iv. fails, determining said first computer system and said second computer system to be not identical,

   wherein m and n can be equal or different.

2. The method of claim 1, wherein said gathering steps a.i. and b.i. each further gather at least one other physical parameter of said first and second computer system, respectively, wherein said other physical parameter comprises temperature.

3. The method of any one of claims 1-2, wherein:

   said statistical distribution of step a.iv. is generated by cluster analysis calculating a 2n-dimensional elliptic ball (n ≥ 1) based on said first set of data gathered from said first computer system; and

   said comparing step b.iv. determines if said verification sample lies within said elliptic ball.

4. The method of any one of claims 1-3 wherein said statistical distribution is modelled by linear regression.

5. The method of any one of claims 1-4 wherein said statistical distribution is modelled by a pattern-matching network.

6. The method of claim 5 wherein said pattern-matching network is a neural network.

7. The method of any one of claims 1-6 wherein said statistical distribution is modelled by a combination of at least two statistical modelling techniques.

8. The method of claim 7 wherein at least one of said at least two statistical modelling techniques is selected from the group consisting of cluster analysis and a pattern-matching network.

9. The method of any one of claims 1-8 wherein at least one of said first set of data, said second set of data, said authentication fingerprint and said verification sample is encrypted prior to any one of sending over a connection and storing in a storage medium.

10. The method of any one of claims 1-9 wherein at least one of said authentication fingerprint and said verification sample has been subjected to at least one of a minimum distance k ≥ 1 coding scheme and a secure hash function prior to any one of sending over a connection and storing in a storage medium.

11. The method of any of claims 1-10 wherein a zero-knowledge proof system is used on at least one sample in order to authenticate the computer system producing the verification samples to a given confidence level.

12. The method of any of claims 1-11 wherein said first and second computer systems each further comprise:

   a. at least one CPU;

   b. at least one bank of memory having at least one portion;

   c. at least one bus, said bus being shared by said at least one CPU and said at least one bank of memory; and

   d. at least one clock sharing said at least one bus.

13. The method of any of claims 1-11 wherein each of said first and second sets of data further comprises at least one other computer system identifier selected from the set consisting of addresses of hardware interfaces and system addressable hardware serial numbers, wherein the same computer system identifiers are contained in both said first and second sets of data.

14. The method of any of claims 1-11 wherein each of said first and second sets of data further comprises at least one other computer system identifier selected from the set consisting of IP address of a device interface, hostname, user name, and combined serial and version numbers of application software and operating system, wherein the same computer system identifiers are contained in both said first and second sets of data.

15. The method of claim 12 wherein:

   said at least one portion of said memory bank consists of one of CMOS memory and system RAM; and

   said at least one test measures said circuit-level latency of said at least one portion of said memory bank.

16. The method of any of claims 1-15 wherein:

   each of said first and said second systems further comprises a hard disk storage; and

   said at least one test measures said circuit-level latency of said hard disk storage.

17. The method of any of claims 1-16 wherein:

   each of said first and second computer systems further comprises at least one addressable internal device; and

   said at least one test measures said circuit-level latency of said at least one addressable internal device.

18. The method of any of claims 1-17 wherein:

   each of said first and said second computer systems further comprises at least one addressable external device; and

   said at least one test measures said circuit-level latency of said at least one addressable external device.

19. The method of any one of claims 1-18 wherein:

   each of said first and second computer systems comprises LANs having nodes that are physically connected by cables; and

   said at least one test further comprises measuring the latency of network operations.

20. The method of any one of claims 1-19 wherein each of said first and second computer systems comprises physically cabled devices.

21. The method of claim 20 wherein said physically cabled devices are selected from the group consisting of ATMs, point of sale terminals, and credit card validators.

22. The method of any of claims 1-21 wherein each of said first and second computer systems comprises a wireless device connected to a server via a wireless LAN protocol.

23. The method of any of claims 1-22 wherein:

   each of said first and second computer systems comprises a handheld wireless device; and

   said identification server comprises a base station.

24. The method of any of claims 1-23 wherein:

   each of said first and second computer systems further comprises a biometric scanning device; and

   said identification server comprises a database of both device fingerprints and the scanned biometric.

25. The use of the method of any of claims 1-24 in a digital signature scheme wherein the originating device is a part or full proxy for the signer.

26. The use of the method of any of claims 1-25 in combination with existing digital signature schemes.

27. The use of the method of any of claims 1-26 in an authentication scheme wherein said first computer system is an originating device and is an entity to be authenticated.

28. The use of the method of any of claims 1-27 in an authentication scheme wherein an originating device and a user are together considered as an entity to be authenticated.

29. The use of the method of any of claims 1-28 in combination with existing authentication systems.

Figure 1 (certificate authority scheme; only the legend survived the scan):

1. Alice and Bob contact the certificate authority (CA) to initiate the session.
2. The CA requests Alice and Bob to run the Fingerprint Task and return a hashed version of their fingerprints.
3. The CA checks the answers against its recorded values and sends Symmetric Keys (SK) to Alice and Bob.

Figure 2 (plot residue; only the axis label "samples" survived the scan)

Figure 3: CMOS-FP-1.3 Flow Chart (the scan renders the loop variable variously as T, i and J; a single variable is meant)

Set T = 100
Fingerprint read() (computes the time it takes to flip 50 bytes in CMOS)
Log time to logfile
Repeat 500 times
Set T = T + 5
Repeat until T = 155

Figure 4: LAN Fingerprint (flow chart residue; the legible boxes read "Receive FP" and "Return Results and Timing")
