----- Forwarded message from Joseph Lorenzo Hall <joe@cdt.org> ----- Date: Wed, 11 Sep 2013 13:27:42 -0400 From: Joseph Lorenzo Hall <joe@cdt.org> To: liberationtech <liberationtech@lists.stanford.edu> CC: Eugen Leitl <eugen@leitl.org> Subject: Re: [liberationtech] iPhone5S Fingerprint and 5th amendment User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130801 Thunderbird/17.0.8 On 9/11/13 12:08 PM, Eugen Leitl wrote:
On Wed, Sep 11, 2013 at 11:04:44AM -0500, Matt Mackall wrote:
Similarly, any other sort of one-way algorithm that prevents you from reconstructing a valid input from the stored data is not going to work.
Typical fingerprint matching uses classification, recognizing and encoding multiple features into a vector. You could use a one-way hash on that vector. This is likely subject to a precompiled hash lookup table attack, as the number of all possible fingerprints, quantized via a classification vector is not that large.
There's a good deal of existing research out there on using symmeteric hashes -- a hash that can accept discrete inputs in arbitrary order and always calculate to the same value -- for secure biometric template storage and matching. Here is a paper I point people to that many of you will find absolutely fascinating (although it's been some years so do check citations pointing to this for further work): Sergey Tulyakov, Faisal Farooq, Praveer Mansukhani, & Venu Govindaraju. (2007). Symmetric hash functions for secure fingerprint biometric systems. Pattern Recognition Letters, 28(16), 2427–2436. Retrieved from http://www.researchgate.net/publication/222570842_Symmetric_hash_functions_f... -- Joseph Lorenzo Hall Senior Staff Technologist Center for Democracy & Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 joe@cdt.org PGP: https://josephhall.org/gpg-key fingerprint: BE7E A889 7742 8773 301B 4FA1 C0E2 6D90 F257 77F8 ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5