1. Field
The present invention relates generally to security in computing environments, and more particularly, to a method and apparatus for using imperfections in computing devices for device authentication.
2. Background
A basic component of any security system is the authentication of not only the sender and receiver of secure communications or data, but also the devices that are used as part of the storage and communications process. Computing and digital storage devices have become commonplace for processing, storing and communicating digital information. In recent years, it has been a focus of the computing industry to make such devices secure.
One approach to securing devices is the introduction of secure components that have had a unique identity intentionally embedded into the components. These secure components are known in the art as “dongles.” Another approach is to embed a unique identifier into the component itself. An example of this in the art is the use of secure computing platforms where the main central processing unit (CPU), or “processor,” features a hard-coded serial number or encryption certificate that cannot be changed or modified after manufacture. Another example currently in the art is hard disk serialization, where a unique number is permanently added or written to the hard disk for reference by the operating system.
One disadvantage of the above approaches to digital security and authentication is that the intentional, predetermined identification of a device, such as by the use of a manufactured identifier or serialization number, is a specific and easily traced means of identification. This means that attackers and/or reverse engineers have a specific and quantifiable target against which to initiate an attack on the security system.
Another disadvantage is the manufacturing cost of coupling the manufactured identifiers to the medium to be protected or authenticated. Considerable effort and expense are usually associated with ensuring that the manufactured identifiers cannot be separated from the computing or digital storage device. In the art, much of the expense is associated with writing software that forces the data to verify the presence of, and authenticate, the manufactured identifier. Since the invention uses identifying information that is already present and measurable in the media or fiber to be protected, the cost of such an authentication and identification process is greatly reduced.