Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] iPhone5S Fingerprint and 5th amendment

Eugen Leitl eugen at
Wed Sep 11 09:35:36 PDT 2013

On Wed, Sep 11, 2013 at 09:20:56AM -0700, Peat Bakke wrote:
> > This is likely subject to a precompiled hash lookup table attack,
> > as the number of all possible fingerprints, quantized via a classification
> > vector is not that large.
> Can you give us a better idea of how large "not that large" is?

I thought there was insufficient variability so there could
be dupes within the world population of mere 7 gigamonkeys, 
but that might be wrong,

See FBI Appendix F specifications in
500 pixels per inch or 1000 ppi at 8 bits per pixel. Capture size 1.6" x 1.5" (600 Kpixels)
for roll finger or 1" x 2" for thumb (500 Kpixels).

But once you threshold the images, you effectively get rather less than 1 bit per pixel, as
there's a lot of correlation between pixels. Also rotations all count the same. My fingers
have more like 50 ridges per inch. But that's still a *lot* of possible values. 

After extracting the minutiae, there's rather less information held. One finger reader I have
states the software extracts between 10 and 70 minutiae points, held as (x,y) vectors, in a
transform claimed to be non-reversible. If coordinates are accurate to 6 bits, that means 10 x
(6+6) bits = 120 bits minimum. Still allows for significantly more possible prints than the
world population. 

See also Sir James Crosby's report,, suggesting that only
non-unique digital representations should be stored. This would allow the master copy in the
database to be replaced with another version, so would provide some limited options to
"change" a compromised fingerprint.

Uniqueness of fingerprints?
Posted Apr 6, 2008 11:32 UTC (Sun) by man_ls (guest, #15091) [Link]

Hmmm... doesn't the principle behind the Birthday paradox apply here? Even if there are 366 days in a year, the probability of two people having the same birthday reach 0.5 with a group of only 23 people. Therefore you would only need roughly the square root of the number of possibilities to find a collision.
With 120 bits you are still safe, since the world population is about 2^32. But the security factor is not as high as it would seem. Surely we don't expect all values to be as likely, as with birthdays; if they tend to cluster around certain values (some kinds of fingerprint configurations are more probable than others) then collisions become increasingly likely.
> Rainbow tables are always a problem, but I suspect that there's more
> diversity in those vectors than in user generated passwords.

More information about the liberationtech mailing list