----- Forwarded message from Joseph Lorenzo Hall
On Wed, Sep 11, 2013 at 11:04:44AM -0500, Matt Mackall wrote:
Similarly, any other sort of one-way algorithm that prevents you from reconstructing a valid input from the stored data is not going to work.
Typical fingerprint matching uses classification, recognizing and encoding multiple features into a vector. You could use a one-way hash on that vector. This is likely subject to a precompiled hash lookup table attack, as the number of all possible fingerprints, quantized via a classification vector is not that large.
There's a good deal of existing research out there on using symmeteric hashes -- a hash that can accept discrete inputs in arbitrary order and always calculate to the same value -- for secure biometric template storage and matching. Here is a paper I point people to that many of you will find absolutely fascinating (although it's been some years so do check citations pointing to this for further work): Sergey Tulyakov, Faisal Farooq, Praveer Mansukhani, & Venu Govindaraju. (2007). Symmetric hash functions for secure fingerprint biometric systems. Pattern Recognition Letters, 28(16), 2427–2436. Retrieved from http://www.researchgate.net/publication/222570842_Symmetric_hash_functions_f... -- Joseph Lorenzo Hall Senior Staff Technologist Center for Democracy & Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 joe@cdt.org PGP: https://josephhall.org/gpg-key fingerprint: BE7E A889 7742 8773 301B 4FA1 C0E2 6D90 F257 77F8 ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5