Problem is, you could probably look at the data for an image and set of biometric data and the size would likely be the same.
this i doubt. i mean, not necessarily. it all depends, doesnt it?
lets say you give me a satellite pic of 10km² of terrain — colour-coded with topographical data.
i assess that image, and identify 6 mountains/hills (ideally, dispersed, like two from each quadrant), storing the max elevation of each, the cross-sectional area of each at a range of elevations, such that i now have a 'signature' of each individual mountain. i then include the geometric distances between each of these 6 mountains/hills to each other in my stored data.
thats vastly less data than the original image, and yet, you could throw pictures of terrain at me all day i could could probably identify the presence of that exact location with a reasonable degree of accuracy.
i suppose this would be like very crude 'minutia-based' matching. processing would be slow. it would be hugely vulnerable to variations in the quality of source images, and the margins of error in my own metrics, and would probably fail in the case of very similar terrain -- but its easy to see how all of these factors could be constrained/eliminated by storing only slightly more data. even something as data-heavy as storing bitmapped silhouettes of cross-sections of each mountain would pale in comparison to the original image.
Biometric of course being unobtrusive similarly to a password hash. Though I imagine that a biometric password could easily be reverse-engineered to create multiple different working "copies". But in the sense of cloning a fingerprint, next to useless.
yes, thats my guess too.
@Master_Sythe, in the case of my example, a person aware of my method and able to read and understand my stored data could create endless fake images to trick my terrain matching system, yes, but they would not be able to reconstruct the original terrain itself — not even close. they would only end up with knowledge of the relative positions of 6 fake mountains of roughly the right shape in a sea of emptiness. that information would be all but useless for fooling another terrain matching algorithm, even if the other's method was only slightly different.
then, if you factor in the possibilities that:-
a) my algorithm is unknown to a potential faker
b) i dont actually store the metric data when creating the "key" but only a hash of it
it would be pretty damned safe.
in case this still isnt clear, if you suppose my algorithm was STUPIDLY inefficient and unoptimised, the authentication process would be one of scanning in each potential matching image into RAM, identifying every single mountail/hill in it, and then for every single possible combination of 6 of these, reducing them algorithmically to a string of metric data, and finally generating a hash on this data for comparison against the original stored hash. at no point would any image, neither the originally scanned 'key' nor successive scans ever need to be stored in non-volatile memory.
really, i see little theoretical reason why fingerprint scanning cant be made 99.99% trustworthy at the hardware level, but yeah....i wouldnt be surprised if there are vulnerabilities in many implementations...
Edited by @~thehung, 25 May 2017 - 07:41 PM.