Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] iPhone5S Fingerprint and 5th amendment

R. Jason Cronk rjc at privacymaverick.com
Wed Sep 11 12:08:25 PDT 2013


Not real familiar with fingerprint matching technology, but you might be 
able to use shingling to get around the problem of not wanting to keep 
raw data but also not have the divergence problem of hashing, no?

Jason


On 9/11/2013 12:04 PM, Matt Mackall wrote:
> On Wed, 2013-09-11 at 08:42 -0700, Peat Bakke wrote:
>> Are there any reasons why fingerprint data couldn't be treated with the
>> same concern as passwords? That is, subject to a one-way hash before being
>> stored, transmitted in signed payloads, etc?
>>
>> I'm not sure how securing this data would be different than passwords --
>> and given how much unique data can be generated from a fingerprint, it
>> should be significantly better than John Doe's 8 character password.
> Fingerprint matching (like just about anything analog) is not going to
> be error or noise-free, and thus will have to work on something less
> than a 100% perfect match. Thus, comparing cryptographic hashes of the
> input with a stored hash won't work: any single bit change in the input
> will completely change the hash.
>
> Similarly, any other sort of one-way algorithm that prevents you from
> reconstructing a valid input from the stored data is not going to work.
>


*R. Jason Cronk, Esq., CIPP/US*
/Privacy Engineering Consultant/, *Enterprivacy Consulting Group* 
<enterprivacy.com>

  * phone: (828) 4RJCESQ
  * twitter: @privacymaverick.com
  * blog: http://blog.privacymaverick.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130911/7f5bc4a1/attachment.html>


More information about the liberationtech mailing list