Deniable Thumbdrive?
John Kelsey
kelsey.j at ix.netcom.com
Sun Jan 26 19:16:52 PST 2003
At 10:06 PM 1/24/03 +0100, Eugen Leitl wrote:
...
>Frankly, the fingerprint is a lousy secret: you leak it all over the
>place. You can't help it, unless you're wearing gloves all the time. Ditto
>DNA.
That's generally true of biometrics. Unless taking the measurement is so
intrusive it's obvious when it's taken (e.g., maybe the geometry of your
sinus cavities or some such thing that requires a CAT scan to measure
properly), there's no secret. People constantly seem to get themselves in
trouble trying to use biometrics in a system as though they were secret.
The best you can usually do is to make it moderately expensive and
difficult to actually copy the biometric in a way that will fool the
reader. But this is really hard. In fact, making special-purpose devices
that are hard to copy or imitate is pretty difficult. It seems enormously
harder to find a hard-to-copy, easy-to-use "token" that just happens to
come free with a normal human body.
I think the best way to think about any biometric is as a very cheap,
moderately hard to copy identification token. Think of it like a good ID
card that just happens to be very hard to misplace or lend to your friends.
--John Kelsey, kelsey.j at ix.netcom.com
More information about the cypherpunks-legacy
mailing list