RAM-ramming Rowhammer is back – to uniquely fingerprint devices

2023-07-05 21:14

Boffins at the University of California, Davis have devised a purportedly practical way to apply a memory abuse technique called Rowhammer to build unique, stable device fingerprints.

UC Davis researchers Hari Venugopalan, Kaustav Goswami, Zainul Abi Din, Jason Lowe-Power, Samuel King, and Zubair Shafiq have found they can use Rowhammer to create device fingerprints in a brief amount of time that are unique and unchanging, even when the devices come from the same maker, with identical hardware and software configurations.

The key thing to understand here is that when performing Rowhammer-like attacks on memory, the way the RAM reacts and the distribution of bits that flip is unique to each computer's memory, and that can be used to fingerprint the machine.

First proposed in 2014, Rowhammer is a way to induce memory errors in modern DRAM chips by repeatedly "Hammering" rows of memory cells with a burst of read or write operations.

Rather it looks at contiguous 2MB chunks of memory addresses for a unique set of flipped bits when a Rowhammer attack takes place.

"Centauri is the first technique to demonstrate the extraction of unique and stable fingerprints on the largest scale using Rowhammer while overcoming practical limitations enforced by the operating system and by Rowhammer mitigations such as TRR," they explain.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/07/05/rowhammer_memory_identification/

#fingerprint #rowhammer