[liberationtech] iPhone5S Fingerprint and 5th amendment
Matt Mackall
mpm at selenic.com
Wed Sep 11 09:04:44 PDT 2013
On Wed, 2013-09-11 at 08:42 -0700, Peat Bakke wrote:
> Are there any reasons why fingerprint data couldn't be treated with the
> same concern as passwords? That is, subject to a one-way hash before being
> stored, transmitted in signed payloads, etc?
>
> I'm not sure how securing this data would be different than passwords --
> and given how much unique data can be generated from a fingerprint, it
> should be significantly better than John Doe's 8 character password.

Fingerprint matching (like just about anything analog) is not going to
be error or noise-free, and thus will have to work on something less
than a 100% perfect match. Thus, comparing cryptographic hashes of the
input with a stored hash won't work: any single bit change in the input
will completely change the hash.

Similarly, any other sort of one-way algorithm that prevents you from
reconstructing a valid input from the stored data is not going to work.

--
Mathematics is the supreme nostalgia of our time.
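
The point made in the reply above, as an added example that is not part of the original message: a password-style SHA-256 comparison rejects a second reading of the same finger that differs by a few bits, while a distance threshold on the stored template accepts it. The random bit-vector templates, the 2048-bit size and the 10% threshold are constructed assumptions, not a real fingerprint format.

```python
import hashlib
import hmac
import random

BITS = 2048        # constructed template size, not a real fingerprint format
THRESHOLD = 0.10   # assumed: accept when at most 10% of bits differ

def enroll(seed: int) -> bytes:
    """Constructed stand-in for an enrolled feature vector."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(BITS // 8))

def noisy_reading(template: bytes, flips: int, seed: int) -> bytes:
    """Simulate sensor noise by flipping `flips` distinct bits."""
    out = bytearray(template)
    for pos in random.Random(seed).sample(range(BITS), flips):
        out[pos // 8] ^= 1 << (pos % 8)
    return bytes(out)

def hamming(a: bytes, b: bytes) -> int:
    """Number of bit positions in which a and b differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def hash_match(stored_digest: bytes, reading: bytes) -> bool:
    """Password-style check: exact equality of SHA-256 digests."""
    return hmac.compare_digest(hashlib.sha256(reading).digest(), stored_digest)

def threshold_match(template: bytes, reading: bytes) -> bool:
    """Biometric-style check: needs the stored template itself, not a hash."""
    return hamming(template, reading) <= THRESHOLD * BITS

def demo() -> dict:
    template = enroll(seed=1)
    digest = hashlib.sha256(template).digest()
    same = noisy_reading(template, flips=40, seed=2)   # ~2% sensor noise
    one_bit = noisy_reading(template, flips=1, seed=3)
    other = enroll(seed=99)                            # a different finger
    return {
        "noise_bits": hamming(template, same),
        "hash_same_finger": hash_match(digest, same),
        "hash_one_bit_off": hash_match(digest, one_bit),
        "digest_bits_changed": hamming(digest, hashlib.sha256(one_bit).digest()),
        "threshold_same_finger": threshold_match(template, same),
        "threshold_other_finger": threshold_match(template, other),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

`digest_bits_changed` shows the avalanche effect for a single flipped input bit: roughly half of the 256 digest bits differ, so the digest carries no usable notion of "close".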