"Retailers Experiment With Biometric Payment" article
Adam Shostack
adam at homeport.org
Tue Jun 28 13:17:22 EDT 2005
On Thu, Jun 09, 2005 at 12:02:19PM -0400, Adam Shostack wrote:
| On Thu, Jun 09, 2005 at 11:17:59AM -0400, Heyman, Michael wrote:
| | From
| | <http://www.washingtonpost.com/wp-dyn/content/article/2005/06/08/AR20050
| | 60802335_pf.html>:
|
| | share its biometric data with government agencies, and
| | in fact, the full fingerprints are not stored in the
| | system. Instead, a complex mathematical algorithm is
| | created to represent identifying characteristics of
| | the fingerprint, which are matched to the real thing
| | when a user shows up at a checkout counter.
| |
| | No discussion on the threat of finger removal...
| |
|
| Has anyone ever studied the reversability of these algorithms? It
| seems to me that you could make some plausible guesses and generate
| fingerprints from certain representations. I don't know how likely
| those guesses are to be right.
The answer is you can reconstruct fingerprints from common systems.
Daniel David Walker referred me to some work by Andy Adler, who
pointed out Ross, Shah and Jain, "Towards Reconstructing Fingerprints
from Minutiae Points."[1]
[1] http://www.csee.wvu.edu/~ross/pubs/RossReconstruct_SPIE05.pdf
Some additional tidbits are on my blog at
http://www.emergentchaos.com/archives/001443.html
Adam
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list