Abstract
We introduce a new technique for extracting unique fingerprints from identical CDs. The proposed technique takes advantage of manufacturing variability found in the length of the CD lands and pits. Although the variability measured is on the order of 20 nm, the technique does not require the use of microscopes or any advanced equipment. Instead, we show that the electrical signal produced by the photodetector inside the CD reader is sufficient to measure the desired variability. We investigate the new technique by analyzing data collected from 100 identical CDs and show how to extract a unique fingerprint for each CD. Furthermore, we introduce a technique for utilizing fuzzy extractors over the Lee metric without much change to the standard code offset construction. Finally, we identify specific parameters and a code construction to realize the proposed fuzzy extractor and convert the derived fingerprints into 128-bit cryptographic keys.
This material is based upon work supported by the National Science Foundation under Grant No. CNS-0831416.
Chapter PDF
Similar content being viewed by others
References
DeJean, G., Kirovski, D.: RF-DNA: radio-frequency certificates of authenticity. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 346–363. Springer, Heidelberg (2007)
Bauder, D.W.: An anti-counterfeiting concept for currency Systems. Research Report PTK-11990, Sandia National Labs, Albuquerque, NM, USA (1983)
Clarkson, W., Weyrich, T., Finkelstein, A., Heninger, N., Halderman, J.A., Felten, E.W.: Fingerprinting blank paper using commodity scanners. In: Proceedings of S&P 2009, Oakland, CA, May 2009. IEEE Computer Society, Los Alamitos (to appear, 2009)
Cowburn, R.P., Buchanan, J.D.R.: Verification of authenticity. US Patent Application 2007/0028093, July 27 (2006)
Agrawal, D., Baktir, S., Karakoyunlu, D., Rohatgi, P., Sunar, B.: Trojan detection using IC fingerprinting. In: Proceedings of S&P 2007, Oakland, California, USA, May 20-23, 2007, pp. 296–310. IEEE Computer Society, Los Alamitos (2007)
Lim, D., Lee, J.W., Gassend, B., Suh, G.E., van Dijk, M., Devadas, S.: Extracting secret keys from integrated circuits. IEEE Transactions on VLSI Systems 13(10), 1200–1205 (2005)
Ravikanth, P.S.: Physical One-Way Functions. PhD thesis, Department of Media Arts and Science, Massachusetts Institute of Technology, Cambridge, MA, USA (2001)
Tuyls, P., Schrijen, G.J., Skoric, B., van Geloven, J., Verhaegh, N., Wolters, R.: Read-proof hardware from protective coatings. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 369–383. Springer, Heidelberg (2006)
Carter, L., Wegman, M.: Universal hash functions. Journal of Computer and System Sciences 18(2), 143–154 (1979)
Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. SIAM Journal on Computing 38(1), 97–139 (2008)
European Computer Manufacturers’ Association. Standard ECMA-130: Data interchange on read-only 120mm optical data disks (CD-ROM) (2nd edn.). ECMA, Geneva, Switzerland (1996)
Guajardo, J., Kumar, S.S., Schrijen, G.J., Tuyls, P.: FPGA intrinsic PUFs and their use for IP protection. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 63–80. Springer, Heidelberg (2007)
Ignatenko, T., Schrijen, G.J., Skoric, B., Tuyls, P., Willems, F.: Estimating the secrecy-rate of physical unclonable functions with the context-tree weighting method. In: Proceedings of ISIT 2006, Seattle, Washington, USA, July 9-14, 2006, pp. 499–503. IEEE, Los Alamitos (2006)
Juels, A., Sudan, M.: A fuzzy vault scheme. Designs, Codes and Cryptography 38(2), 237–257 (2006)
Juels, A., Wattenberg, M.: A fuzzy commitment scheme. In: Proceedings of CCS 1999, pp. 28–36. ACM Press, New York (1999)
Lee, C.: Some properties of nonbinary error-correcting codes. IRE Transactions on Information Theory 4(2), 77–82 (1958)
Schift, H., David, C., Gabriel, M., Gobrecht, J., Heyderman, L.J., Kaiser, W., Köppel, S., Scandella, L.: Nanoreplication in polymers using hot embossing and injection molding. Microelectronic Engineering 53(1-4), 171–174 (2000)
Willems, F.M.J.: The context-tree weighting method: extensions. IEEE Transactions on Information Theory 44(2), 792–798 (1998)
Willems, F.M.J., Shtarkov, Y.M., Tjalkens, T.J.: The context-tree weighting method: basic properties. IEEE Transactions on Information Theory 41(3), 653–664 (1995)
Stinson, D., Ameli, F., Zaino, N.: Lifetime of Kodak writable CD and photo CD media. Eastman Kodak Company, Digital & Applied Imaging, NY, USA (1995)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hammouri, G., Dana, A., Sunar, B. (2009). CDs Have Fingerprints Too. In: Clavier, C., Gaj, K. (eds) Cryptographic Hardware and Embedded Systems - CHES 2009. CHES 2009. Lecture Notes in Computer Science, vol 5747. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04138-9_25
Download citation
DOI: https://doi.org/10.1007/978-3-642-04138-9_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04137-2
Online ISBN: 978-3-642-04138-9
eBook Packages: Computer ScienceComputer Science (R0)