Jump to content
Forum upgrade is live! Read more... ×
Sign in to follow this  
Master_Scythe

Fingerprint sensors; Secure?

Recommended Posts

Just a quick one.

 

I've read lots of articles, some are from paranoid people who claim that "If you store your fingerprint, now "THEY" have it!

 

Others, seem to claim that no fingerprint is stored.

And that it is in fact a metric that looks for POINTS on a fingerprint.

These points can be used to confirm the fingerprint is the same as the stored one, but couldn't be used to reconstruct a "fake fingerprint"

 

As I am a little paranoid, I'd prefer not to have a full scan of my fingerprints anywhere that could be 'hacked' or compromised, so I'm curious.

Share this post


Link to post
Share on other sites

I think the bigger risk is in trusting the things to be actually secure in their locking functionality. If you want someone's fingerprint it's not exactly hard to get it and duplicate. Remember the Mythbusters easily cracked a commercial fingerprint activated door lock, there's not a great deal they can do to distinguish fake from real.

  • Like 1

Share this post


Link to post
Share on other sites

I think the bigger risk is in trusting the things to be actually secure in their locking functionality. If you want someone's fingerprint it's not exactly hard to get it and duplicate. Remember the Mythbusters easily cracked a commercial fingerprint activated door lock, there's not a great deal they can do to distinguish fake from real.

 

Its not hard to et it if you're local.

It's not hard to get my wallet if you're local.

Local security isnt the concern.

Share this post


Link to post
Share on other sites

It was a door lock - probably normally implemented as some sort of networked black-box system. It was a while back though, probably 6-8 years.

Share this post


Link to post
Share on other sites

Once again, those articles brush on the topic but dont give a definitive answer.

Do phones, for example, store enough data to successfully "make my fingerprint" again?

Or do fingerprint scanners, theoretically, just lock a device down to the 0.1% of the population with "similar fingerprints"?

or is there a technique im missing?

 

Lets just say in light of WannaCry\EternalBlue, I'm a little more skeptical about what "stores your fingerprint securely" really means....

Share this post


Link to post
Share on other sites

https://en.wikipedia.org/wiki/Fingerprint_recognition

 

For what it's worth. Unclear but it seems that some systems use imaging and some use biometrics. Biometric of course being unobtrusive similarly to a password hash. Though I imagine that a biometric password could easily be reverse-engineered to create multiple different working "copies". But in the sense of cloning a fingerprint, next to useless.

 

Problem is, you could probably look at the data for an image and set of biometric data and the size would likely be the same. Imaging can be done as 1bpp to represent ridges and valleys and biometrics only really need coordinates, size, orientation etc for the features like arch, loop, swirl.

Share this post


Link to post
Share on other sites

https://en.wikipedia.org/wiki/Fingerprint_recognition

 

For what it's worth. Unclear but it seems that some systems use imaging and some use biometrics. Biometric of course being unobtrusive similarly to a password hash. Though I imagine that a biometric password could easily be reverse-engineered to create multiple different working "copies". But in the sense of cloning a fingerprint, next to useless.

 

Problem is, you could probably look at the data for an image and set of biometric data and the size would likely be the same. Imaging can be done as 1bpp to represent ridges and valleys and biometrics only really need coordinates, size, orientation etc for the features like arch, loop, swirl.

 

 

See I still have no grasp of what the hell all that means

I've read it, and it makes 0 sense to me.

It just keeps telling me how they map it, not what that data can be used for.

 

If I buy a new phone, and it wants my fingerprint, can people of any sort re-create my fingerprints from that data?

Share this post


Link to post
Share on other sites

The way I see it, if they have even some crappy 8K JPEG representing a print, it could probably be recreated to a fairly high degree of accuracy with high 90s % chance of a match to the real thing.

If they use biometrics where characteristics and relative coordinates are kept, a recreation would probably be poor value with under 80% chance of a match.

Share this post


Link to post
Share on other sites

The way I see it, if they have even some crappy 8K JPEG representing a print, it could probably be recreated to a fairly high degree of accuracy with high 90s % chance of a match to the real thing.

If they use biometrics where characteristics and relative coordinates are kept, a recreation would probably be poor value with under 80% chance of a match.

 

Thats still scarily high.

 

The sensor in question is this:

https://www.fingerprints.com/technology/hardware/fpc1145/

http://biometrics.mainguet.org/types/fingerprint/product/FPC/FPC_1145_flyer.pdf

Edited by Master_Scythe

Share this post


Link to post
Share on other sites

Problem is, you could probably look at the data for an image and set of biometric data and the size would likely be the same.

this i doubt. i mean, not necessarily. it all depends, doesnt it?

 

lets say you give me a satellite pic of 10km² of terrain — colour-coded with topographical data.

 

i assess that image, and identify 6 mountains/hills (ideally, dispersed, like two from each quadrant), storing the max elevation of each, the cross-sectional area of each at a range of elevations, such that i now have a 'signature' of each individual mountain. i then include the geometric distances between each of these 6 mountains/hills to each other in my stored data.

 

thats vastly less data than the original image, and yet, you could throw pictures of terrain at me all day i could could probably identify the presence of that exact location with a reasonable degree of accuracy.

 

i suppose this would be like very crude 'minutia-based' matching. processing would be slow. it would be hugely vulnerable to variations in the quality of source images, and the margins of error in my own metrics, and would probably fail in the case of very similar terrain -- but its easy to see how all of these factors could be constrained/eliminated by storing only slightly more data. even something as data-heavy as storing bitmapped silhouettes of cross-sections of each mountain would pale in comparison to the original image.

 

 

Biometric of course being unobtrusive similarly to a password hash. Though I imagine that a biometric password could easily be reverse-engineered to create multiple different working "copies". But in the sense of cloning a fingerprint, next to useless.

yes, thats my guess too.

 

@Master_Sythe, in the case of my example, a person aware of my method and able to read and understand my stored data could create endless fake images to trick my terrain matching system, yes, but they would not be able to reconstruct the original terrain itself — not even close. they would only end up with knowledge of the relative positions of 6 fake mountains of roughly the right shape in a sea of emptiness. that information would be all but useless for fooling another terrain matching algorithm, even if the other's method was only slightly different.

 

then, if you factor in the possibilities that:-

 

a) my algorithm is unknown to a potential faker

b) i dont actually store the metric data when creating the "key" but only a hash of it

 

it would be pretty damned safe.

 

in case this still isnt clear, if you suppose my algorithm was STUPIDLY inefficient and unoptimised, the authentication process would be one of scanning in each potential matching image into RAM, identifying every single mountail/hill in it, and then for every single possible combination of 6 of these, reducing them algorithmically to a string of metric data, and finally generating a hash on this data for comparison against the original stored hash. at no point would any image, neither the originally scanned 'key' nor successive scans ever need to be stored in non-volatile memory.

 

---

really, i see little theoretical reason why fingerprint scanning cant be made 99.99% trustworthy at the hardware level, but yeah....i wouldnt be surprised if there are vulnerabilities in many implementations...

Edited by @~thehung
  • Like 1

Share this post


Link to post
Share on other sites

For imaged fingerprints, all you need is 1-bit data. The only "feature" you want is whether a particular point is part of a ridge or valley.

Share this post


Link to post
Share on other sites

yeah, ultimately, i imagine that the data from any scan would at some intermediate stage be resolved to a matrix akin to an image with 1-bit colour albeit significant DPI.

 

in any case, its possible that the stored bytes required may represent a fraction of that matrix, much in the same way that facial recognition can be performed with knowledge of unique ratios of distances between eyes, nose, etc — with little to no explicitly stored imagery.

Edited by @~thehung

Share this post


Link to post
Share on other sites

yeah, ultimately, i imagine that the data from any scan would at some intermediate stage be resolved to a matrix akin to an image with 1-bit colour albeit significant DPI.

 

in any case, its possible that the stored bytes required may represent a fraction of that matrix, much in the same way that facial recognition can be performed with knowledge of unique ratios of distances between eyes, nose, etc — with little to no explicitly stored imagery.

 

The Samsung S8 iris scanner is fooled by a photo of the user.

Share this post


Link to post
Share on other sites

:)

 

I'm not a big one for at the PC security, but my firewall does not just defend, it attacks if provoked :)

 

Still, if you have anything you don't want stolen on your computer why not chuck it onto a stick and keep it separate anyway ?

 

Finger print scanners can be a bit of a joke actually, a few years back I was sorting out a government network that was a bit of a mess and needed some files from the admins machine to restore some settings. Fortunately he's a good friend because as he told me he'd need to unlock his pc with his fingerprint I said "Really?" and pressed my finger on the scanner, not my index finger, ring finger, and swiped it sideways - PC unlocked :) Just why the files were on his machine - we had a discussion about that later :)

 

I'm sure they are better now but that is an old trick from military so-called security days :)

 

There's no way to be 100% secure but securing your network and your office or home comes close if you are just old-fashioned sensible about it :)

 

Cheers

Share this post


Link to post
Share on other sites

Biometrics are not passwords. The key attribute of a password is that it's revocable. You only have 10 fingers. If you're using fingerprints as passwords you've got 10 for your whole life, and you leave 'em everywhere, including on the screen of the phone you're using them to secure. Biometrics are usernames. They identify you, but they shouldn't be used without a password. By definition, fingerprint sensors without passwords are not secure.

 

As a general guideline, if you can chug half a bottle of vodka and pass out, and a malicious actor can log into your account/device/whatever using just your unconscious body and what's on you at the time, you don't have any security at all.

  • Like 1

Share this post


Link to post
Share on other sites

Yeah, but I've never worried about security from a physical on-site hacker. Thanks to Windows, I'm accustomed to "If it can be TOUCHED, it's not secure".

I'm just worried about the possibility, where if I store my fingerprint on my phone, someone else can take that fingerprint and use it to incriminate me overseas, or unlock fingerprint auth used in the future.

I don't understand enough about how it works, to feel OK with giving my phone a copy of my prints.

 

I keep googling, but I keep coming up with vague answers :*(

Share this post


Link to post
Share on other sites

Biometrics are not passwords. The key attribute of a password is that it's revocable. You only have 10 fingers. If you're using fingerprints as passwords you've got 10 for your whole life, and you leave 'em everywhere, including on the screen of the phone you're using them to secure. Biometrics are usernames. They identify you, but they shouldn't be used without a password. By definition, fingerprint sensors without passwords are not secure.

 

As a general guideline, if you can chug half a bottle of vodka and pass out, and a malicious actor can log into your account/device/whatever using just your unconscious body and what's on you at the time, you don't have any security at all.

In 2-Factor parlance, a fingerprint is "something you have", whereas a password is "something you know". Together, they're far stronger than either one by itself.

 

As for how fingerprints are stored, I have no reason to believe that they're stored differently (in principle) to a password. That is, salted, then digested by some hashing algorithm like SHA-256.

 

Obviously there's some background magic to account for how presenting a fingerprint is a varied process, but in principle there shouldn't be a way to reverse-engineer your fingerprint from the stored hash.

 

At best, the local device is compromised, and as long as hash values are salted differently in different locations (as they should be), then it'd be for all intents and purposes impossible to use the obtained digest anywhere else.

Share this post


Link to post
Share on other sites

Those cheap Chinese knock off phones which imitate expensive ones have fake finger print readers. All those do is detect there is a finger there and unlock the phone.

Share this post


Link to post
Share on other sites

Those cheap Chinese knock off phones which imitate expensive ones have fake finger print readers. All those do is detect there is a finger there and unlock the phone.

 

Be a little specific; None of the cheap, but brand name chinese phones are like that.

Share this post


Link to post
Share on other sites

 

Those cheap Chinese knock off phones which imitate expensive ones have fake finger print readers. All those do is detect there is a finger there and unlock the phone.

 

Be a little specific; None of the cheap, but brand name chinese phones are like that.

 

 

The outright copies of brand name phones like that (the ones which are meant to be deceptive). The brand name Chinese phones, might have fingerprint real readers. Of course the low end models don't have any.

Edited by Jeruselem

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×