Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security IT

Hashing Out the Next Step in Biometric Security 117

Posted by ScuttleMonkey from the facial-hashing-sounds-painful dept.
ergo98 writes "CNN is running a story about biometric hashing. Using this technique, biometric inputs (such as facial characteristics) are altered based upon individual characteristics in a hopefully one-way process. The goal is to continue to reduce the risk of a back-end data exposure."
This discussion has been archived. No new comments can be posted.

Hashing Out the Next Step in Biometric Security More

Hashing Out the Next Step in Biometric Security

Comments Filter:

  • Compromises? (Score:5, Insightful)

    by Poromenos1 ( 830658 ) on Monday August 29, 2005 @10:35PM (#13432624) Homepage
    I don't like this. Say that someone discovers the "password" (the hash), then you're done. You can't change it (unless you grow a moustache). Same goes with fingerprints, etc. I think a password (passphrase) is much more practical.

    • Re:Compromises? (Score:3, Interesting)

      by Poromenos1 ( 830658 )
      Hmm, this appears to be a kind of salt applied to the picture so they can change it if the hash gets stolen. But then, why not just apply the salt to the hash (like normal md5 salts), and just change the salt when it's stolen? The salts (like the minutia points) would be stored somewhere and the attacker couldn't use the same salt if you changed yours.

    • Re:Compromises? (Score:5, Insightful)

      by Doug Coulter ( 754128 ) on Monday August 29, 2005 @10:56PM (#13432721) Homepage
      Bruce Schneier (counterpane.com) has published on and linked to a lot of other publications on the implications of biometrics, and how easy they are in general to steal. Can't just change your password, you've only got 10 fingers (I hope!) and so on. The whole thing is a very bad idea, and most extant schemes are trivially cracked no matter how "secure" the backend. Pictures of retinas/faces have worked, lifted fingerprints translated to gummy silicone have worked, and so forth. No fancy skillz needed to get past any existing system.
      • Exactly... that's the biggest problem. Everyone is concerned with getting their fingers chopped off-- why even bother if you can just lift someone's prints off of a doorknob and they'd be none the wiser. The biggest problem with cracking is getting noticed, if you cut off someone's finger I bet they'd notice that more than if you lifted their prints.
        • This isn't even a problem in newer sensors. These don't take a picture in the normal sense of the word, they scan the discharge from the finger so you have a simple mono output that only depends on the finger being alive and not even dirt affects these much.

          (granted these are a bit finicky and i had to send mine back)

      • Re:Compromises? (Score:3, Interesting)

        by mikiN ( 75494 )
        It would be better if a biometric identification could combine several characteristics together in such a way that only a (complete) living person could provide them, for example:
        - iris ID combined with testing of the accommodation reflex, to make sure a real, functioning eye is looking at the camera.
        - fingerprinting combined with infrared scanning, to verify that an unaltered living finger is used.
        - voiceprinting of unique and varying phrases to eliminate recordings.
        and so on.

        • Re:Compromises? (Score:1, Interesting)

          by yesteraeon ( 872571 )
          This [slashdot.org] system is quite a bit harder to fake than a simple finger print. It couldn't be lifted off a doorknob or the like. As an added plus it can tell the difference between attached living hand from one that's been separated from its owner.
        • While there are advantages to having a more complex system from a security standpoint there are some ... largish problems as well. Not the least of which is that there's a strong need to move beyond the password for the average user in the average community and that complex systems to log on to your machine in the morning just aren't going to work.

          For high security -- very high security -- environments, perhaps. But my personal feeling is that this isn't where we're going (thumbprint scanners on iPaq's and

      • Re:Compromises? (Score:5, Interesting)

        by Afrosheen ( 42464 ) on Tuesday August 30, 2005 @12:12AM (#13432998)
        Try this one on for size. It's my little gift to the biometric community.

          In many protocols, when a session is initiated, the beginning of the transaction includes a handshake. One side says hello are you there, the other replies yes I'm here and the session continues.

          Why not make an actual, physical handshake verifier? I'm sure most people are consistent with their real handshakes, and there are a wide variety of measurable parameters a handshake can provide. For example, when shaking someone's hand, you apply very specific pressure, grip a particular way that spreads pressure to consistent points on your buddy's hand, hand temperature (which can vary depending on a number of factors but we're talking average), hand placement, duration and motion of the shake, etc. You could take it one step further and teach your employees and the system some jive handshakes that involve many steps. The admin could have the most intricate handshake of all.

          The beauty to all this is that handshakes tend to be very personal and never given out. How could someone hack or even learn a secret handshake? It'd be pretty damn hard to do and even harder to replicate once you figured out the sequence due to pressure and duration, etc.

          Schneier should give this one some thought. All you really need is a rubber jointed hand sticking out of the wall (or hidden inside it, retractable) that feels appropriately like a real human hand. Ask the RealDoll people for advice on this. Load it up with sensors and start training it.
        • Yeah, they had something like that in Undercover Brother.

          Except that in that movie, it was a complex choreographed action.
        • Alright - someone has got to mod this one up. I don't really know if you were serious or not, but I found this absolutely hilarious.

          I just tried to explain to my wife why I was laughing so hard, and I just got a confused stare... geek I am most certainly.
        • Not a bad idea, until someone slams their hand in a car door, hurts themselves while playing racketball, strains their hand while helping someone move, etc and their handshake changes.

          You could have a backup identifier at that point, but then your security is only as secure as the backup identifier.

          Fingerprints never change, and only are lost if you lose the finger. Most people don't lose fingers during their lifetimes, but people do injure their hands for a day or two.
          • As a previous poster mentioned, a few bucks worth of liquid rubber or some sort of gelatin easily allows someone to copy your fingerprint. It's not nearly as secure as a handshake would be. People hurting their hands..well, honestly, in the IT and most other soft industries, it doesn't happen very often. You probably couldn't use something like this at a junkyard or construction site but I don't see a need for it at either place.
            • this is really a non-issue now a days. The current generation of [high end] finger print scanners usually include a thermal detection or similiar mechanism in addition to scanning the print itself which makes the "gummy" attack and even removing someones actual finger pointless as it will fail authentication.
        • Isn't there something similar device under development for gun triggers? It senses the pressure pattern during the shot and not fires if the pattern doesn't match.

          • Isn't there something similar device under development for gun triggers? It senses the pressure pattern during the shot and not fires if the pattern doesn't match.

            Sounds like a terrible idea to me. That jittery second in which one would decide to use lethal force to defend himself would most certainly (I should hope) be different than just any regular day at the firing range.

    • Re:Compromises? (Score:2, Informative)

      by Achromus ( 810984 )
      RTFA. If you do, you'll see that IBM describes a technique for making "cancellable biometrics", in which companies can alter the way the hash is distorted. If the hash is compromised, the company could change the distortion applied to the face, and obtain a new hash.
      • If the hash is compromised, the company could change the distortion applied to the face, and obtain a new hash.

        Umm... isn't that fairly irrelevant, since the input (real OR faked) would remain exactly the same?

        Maybe I'm missing something here, but this seems like changing the way a password hash is stored in the database without actually changing the password itself.

        The password is the input -- your retina, your fingerprint, etc.. You can't change that, so once someone has a reliable method to duplicate wh
    • Any system where a credential can't be changed is broken.

      The only biometric I've seen with promise uses fingernail etchings. If your password is compromised, zero the old etching and use another fingernail. About 30K of data fits, apparently.

      I'd still prefer a private key on disk or SecureID token.

      • Considering that there is 30K of data you could probably fit the private key that would be on the disk.
    • LOL, at least be light-hearted about about the evil tyranny big brother coming to "SAVE US ALL"....LOL....wow what a "NEW WORLD" we live in. Even discussing and planning this outright like it's something helpful to security against "terrorists" is absolutly ludacris. The Communists and the Capitalist world have been playing off one another for scores of decades.....DON'T BE FOOLED...This is not good for us, it only brings more tyranny. Tyranny is the war against the people, not a war against terror...Th
    • No ... it would appear to work more like a salt. We're FINALLY moving to the point of being able to get over the "stolen fingerprint" stage of biometrics. Shame that I didn't get around to publishing 2 years ago. Oh well.
    • I share your concern and everybody should. That's why IBM came up with this [infoworld.com].
    • I've been a long time an advocate of NOT using biometric (confirmed by many slashdot posters in this topic) until recently...

      The three categories are listed again as something you: HAVE, REMEMBER, and ARE.

      Perhaps, we're a bit hasty in throwing out the biometric equation as being harshly non-revokable (no amount of hashing marketspeak can shake that solid notion).

      What if "ARE" is being used as a first-line of defense, albiet a very weak defense. It would make the whole authentication/authorization more casu

  • Please sit here to confirm your identity. (Score:5, Funny)

    by mikeophile ( 647318 ) on Monday August 29, 2005 @10:36PM (#13432628)
    The goal is to continue to reduce the risk of a back-end data exposure. Surely you didn't think that photocopying your ass wouldn't get patented, did you.

  • The executives of my firm (Score:5, Funny)

    by Anonymous Coward on Monday August 29, 2005 @10:36PM (#13432629)
    are reluctant to adopt biometrics because they're afraid a crook will rip out their eyes.
    Seriously.
    They cited Demolition Man.
    For real.

  • One Way Process (Score:5, Funny)

    by buckhead_buddy ( 186384 ) on Monday August 29, 2005 @10:38PM (#13432637)
    Using this technique, biometric inputs (such as facial characteristics) are altered based upon individual characteristics in a hopefully one-way process.
    Let's hope it's a one-way process. I don't trust any computer to alter my facial characteristics.

  • Process schmocess (Score:5, Funny)

    by GillBates0 ( 664202 ) on Monday August 29, 2005 @10:40PM (#13432652) Homepage Journal
    ...facial characteristics are altered based upon individual characteristics in a hopefully one-way process.

    Heck, they need billion dollar research grants to figure out these "techniques"? Bubba, Sparky and his pals downtown would irreversibly alter an individual's facial characteristics given $100.00, 10 minutes and enough motivation.

    • Yes, but can they do it repeatedly in the same way to lots of different people. Betting that no matter how much you pay them, they won't be able to hit everyone *exactly* the same way...
  • Now instead of the crackers finding out my password and stealing my data, they'll have to kill me to get the fingerprint scan as well.

    Oh joy, the wonders of modern technology.
    • Now instead of the crackers finding out my password and stealing my data, they'll have to kill me to get the fingerprint scan as well.

      Not all hackers are white!
  • "The goal is to continue to reduce the risk of a back-end data exposure." Just make sure no-one rolls your ass over an inked stamp-pad and then plonks it on a piece of paper then proceeds to steal your "identity" via plastic surgery..
  • I have a very hard time believing it is possible to encrypt something one way. It is only a matter of time before some genius figures out a way to reverse it.
    • I have a very hard time believing it is possible to encrypt something one way. It is only a matter of time before some genius figures out a way to reverse it.

      You've obviously never seen what happens when the marketing department, accounting department, and human resources department intercept and edits the requirements report from senior executive management for new software before it gets to the programming department have you?
    • Dude, you MUST study basic cryptography. Even MD5 is one way. Sure, you can guess WHICH strings can produce a determinate hash. But of those thousands (maybe millions) of combinations, can you really guess which one was ACTUALLY used?

      Anyway, the RSA is constantly working on getting better and better hashes. We got SHA-256, SHA-512 and SHA-1024. And these are way more advanced than SHA1.

      Unless of course, you're running quantum cryptography.

      Anyway, all it has to be done to create a "virtually unbreakable" has

      • Although I agree that the GP seems pretty clueless with respect to basic cryptography, as you say, I have to correct you and the numerous following posters about the "irreversibility" of cryptographic hash functions.

        It is true that theoretically, these functions map an infinite domain of messages into hashes and therefore every hash has an infinite number of possible pre-images. This theoretical irreversibility is dependent on any random string being considered a possible pre-image.

        In practice, if one

      • OK, "mea culpa" --- I got bits and bytes mixed up
        in the calculations of my previous post.

        It looks less impressive when you have to divide
        by 8 to get bytes...

        That still doesn't make doubling the
        hash lengths every time they're broken a good idea.

        Unless you think the minimum message length will
        be increasing similarly?

  • Bio-metrics, my ass! (Score:4, Funny)

    by Jah-Wren Ryel ( 80510 ) on Monday August 29, 2005 @10:47PM (#13432681)

    The goal is to continue to reduce the risk of a back-end data exposure.

    Sure, today they promise that they only want to do biometrics on my face and fingers. But its just the tip of the slippery slope. You know we can't trust them. Just like the social security cards used to all say "not to be used for identification" and look what good that did.

    I say that if we don't fight these biometric overlords, it is only a matter of time before they are forcing us to sit naked on copiers so they can xerox our asses! Make a stand now while you still have some dignity, and your pants!

  • Biometric Encryption (Score:5, Informative)

    by bitkid ( 21572 ) on Monday August 29, 2005 @10:48PM (#13432691) Journal
    That sounds pretty old. Ever heard of Biometric encryption? The idea is to use a one-way hash on the biometrics, but also accounting for the fuzzy-ness in the reading. If the readings match, then the same hash comes out. Otherwise something random. See here...
    • The silly thing about this article in particular was the popup walkthrough.

      They show a fingerprint scanner, and how the print gets warped before being stored. Then along comes John Q. Hacker, who manages to hack the database, extract the stored (and presumably encrypted) fingerprint data, build a fake fingerprint out of that data... and BOOM! He is foiled because of that warping step.

      Wow, that hacker went to a huge amount of work just to get that fingerprint data.. meanwhile, the user is happily going abo
      • Even better. He's got access to the database to extract the stored fingerprint data... wouldn't it be simpler to just insert his own information into the database as an authorized user of everything? Even better, since it's warped one-way, they won't be able to back-trace it to his actual info.

  • Back-end data exposure? (Score:1, Funny)

    by Anonymous Coward
    Something like this [goat.cx]?

    ~~~

  • DNA Hashes (Score:4, Interesting)

    by Crixus ( 97721 ) on Monday August 29, 2005 @11:19PM (#13432815)
    It seems like DNA already is a fairly unique method of hashing.

    This actually seems easy to do. Combining various biological inputs to derive a unique identitfier.

    It doesn't seem like a GOOD idea quite yet, but it certainly seems like something that companies will pursue since I'm sure there are people willing to pay money for it.
    • When using passphrases, people often wonder about users who leave their credentials on their monitor. What do you do when people leave their DNA all over their keyboard (that's skin fragments, you pervert).

      Its relatively easy to spread someone elses DNA all over a crime scene (google 'DNA spray'). I don't think it'd be that difficult to do with DNA based biometrics.

  • What about equipment maintenance? (Score:4, Insightful)

    by antifoidulus ( 807088 ) on Monday August 29, 2005 @11:22PM (#13432827) Homepage Journal
    Say what you will about passwords, the thing is the require *NO* extra equipment to keep running(well, a keyboard, but you probably need that for other purposes anyway) However, all sorts of biometric scanners need equipment to keep running, equipment that will fail one day, and of course it will be the day that you have to log into your account to fix a critical problem in a critical production system....
  • I often wonder if computers will survive the inevitable backlash when we completely lose all privacy. Things always get a lot worse before they get better and we keep heading there. Professional politicians should have taught us enough about trust that we would not listen to these corporations too. Just like social security numbers and everything else to date, biometric data will be abused eventually, you can be sure of it. Just wait for the skeptical generation to die off.

    Maybe global warming will get us a

  • More Misdirection from the Biometric Community (Score:5, Informative)

    by tiny69 ( 34486 ) on Monday August 29, 2005 @11:35PM (#13432875) Homepage Journal
    Biometrics is one mechanism for authentication. The three mechanisms for authentication are generally grouped into, something you know (password), something you have (swipe card), and something you are (biometrics). If either of the first two become compromised, they can be changed. Biometric features on your body cannot be changed. This is the major flaw behind biometrics. So the biometric community periodically playes games with the data on the backend hoping to misdirect the users away from the major flaw. "See, we hash your data, so it's secure...."

    A story that is still relavent whenever biometrics is brought up:

    [hindustantimes.com]http://www.hindustantimes.com/news/7242_1301216,00 180008.htm [hindustantimes.com]

    • The three mechanisms for authentication are generally grouped into, something you know (password), something you have (swipe card), and something you are (biometrics).
      In reality, those groups are actually:
      • something you can forget
      • something you can lose
      • something that can change as you age
      • In reality, those groups are actually:

        * something you can forget
        * something you can lose
        * something that can change as you age

        More like:
        • Something you bypass by shoulder-surfing, post-it-note-observation, social engineering, brute force cracking, or even educated guessing (no special tools required); input will be quickly replaced (often with a greater difficulty version) once compromised, or on a schedule. Usually stored
        • the input is left intact and fully replicable on anything the target touches

          I take it you've never seen a real fingerprint latent or done any real latent lifting.
          You know, CSI is 99% bullshit and the fingerprint scene in "National Treasure" is utterly ridiculous.
          • Obviously I'm exaggerating for purposes of humour... but you should be able to get a pretty good print off of the scanner itself, right? I know that the average print tends to be smeared, or partial, etc. -- but how hard would it be to get a nice one from the scanner (where they place the full fingertip straight-on and carefully, and press down...).
            • Well, normally you dont have one but many fingers pressing constantly against the glass so its hard to just get one good enough to use. And then again, itd be pretty tricky, so itd become virtually impossible in any place thats not completely isolated and unsurveiled (sp?).

              Then again, if the biometric access device is in such a place (eg. alone, unguarded, nobody sees you trying to lift a latent or to put a rubber thingy on it), then itd be even easier to break the lock than to go to all the trouble to bypa

  • This isn't a hash, it's a salt (Score:1, Informative)

    by Anonymous Coward
    Combine your data plus each provider's own distortion = password plus salt.
  • Most biometric systems are flawed in the fact that people change. I suppose the only system that isn't too flawed, is a retinal system because if you screw your eye over, you probably have bigger problems to deal with than your files. What do you do when you get a cut on your finger, burn it on the stove,...walk into a wall. For the system to make files more secure than short password they require many data points samples from the source. That means more chances for [something as simple as] swelling from hi
  • The solution here (echoed by other posts) isn't all that new are amazingly innovative. In the end, it's a nifty hack for preventing database theft/back-end/internal theft. There *is* concern about that (I personally predict that it's inevitable that someone will get their hands on a major biometric database...for instance, a datatape that holds the photographs for an entire state's DMV license-state ID archive.)

    However, the complexity in stealing the back-end pales in comparison to stealing the actual biome
  • This, like all other "undefeatable" biometric systems will get hacked six ways to Sunday.

    Even the mighty RFID chip under the skin will fail as hackers and evil doers don't take no for an answer.

    In the end, when the people are BEGGING to be protected from the evil doers, BIG BROTHER will step in with the ultimate biometric system, the "Soul Sucker Chip" whereby part of your soul is taken and stored in the Universal Comparator, aka "The Approver". Every transaction, every movement will be handled by the "The
  • Isn't the biometric profile a hash in the first place? (i.e. generating a unique profile based on a person's characteristics) So this proposal of generating a biometric profile based on a distortion is applying a salt to hash a hash? Is hashing a hash more secure? It also seems to perpetuate a big problem in the biometric industry that exists right now - no interoperability for profiles, thus ensuring that you're locked in to a vendor.
  • ooo ooo what about retnal scan, hand print scan., DNA analisis (takes 24 hours last time i checked) and password all just to get into the computer... wouldnt that be fun... by the time the DNA analisis was complete you would have to start all over again cause you would walk away after 24 hours
  • 1) Install a "face reader" authentication device.
    2) Put a "Acne Trouble? click here" link and force to buy lots of acne cream
    3) ???
    4) Profit!!!
  • First of all, lets link to the research on how hashes are reversed:

    Fingerprint Readers: http://chris.fornax.net/biometrics.html [fornax.net]

    Face Recognizers
    http://www.site.uottawa.ca/~adler/publications/200 3/adler-2003-fr-templates.pdf [uottawa.ca]

    Both attacks are based on the idea that the algorithms are necessarily fuzzy, and as such emit not just an oracular "match/not match" but a weighting regarding how accurate the matching is. As such, you basically can perturb the underlying data slightly, run it through the algorithm, and

  • Vender Lock-in for Questionable benefit (Score:3, Informative)

    by logicnazi ( 169418 ) <gerdesNO@SPAMinvariant.org> on Tuesday August 30, 2005 @01:45AM (#13433424) Homepage
    I find it interesting that IBM choose to distort the date in their biometric scanners before storage. Since the type of distortion is likely to be secret, proprietary, or just plain difficult to duplicate it effectively locks in any organization into the IBM scanners. Since their system database would only contain IBMs hashes of biometric data buying even one none IBM scanner would require rescanning every user.

    Now perhaps I am jumping to conclusions and IBM has implemented some kind of removable card interface for hashing but I find that doubtful. Moreover, hashing biometric data is of questionable benefit in any case. Most biometric data is more easily collectable by simple investagatory techniques (covert photography, dusting for prints) than reconstructing a face from the security data. Moreover, since biometric characteristics are necessarily unchangeable potential hackers could merely use the data from some other less secure biometric security system one of your users also uses. Heck, creating a fake biometric id system and using social engineering to get someone to use it would be way easier than reversing these hashes.

    Furthermore designing a secure hash to accomodate the inexact nature of biometric identification seems difficult. By it's very nature a secure hash cannot be guaranteed to map similar inputs to similar hashs. Thus either the hash will be insecure, the system too prone to false negatives to be usefull, or the biometric data must first be rounded to exact values (or for borderline cases just hash both possible ways to round). Yet a rounding scheme which avoids too many false negatives will significantly reduce the 'password' space.

    In a normal system the sensor would report all the biometric measurments to the authorization server which would compare the measurements to the stored measurements and see if they are sufficently close to an authorized user. Since a secure hash can't be 'close enough' the measurements must be rounded sufficently to always give the same value for the same user. The net result will be a reduction, not increase, in security. I actually suspect IBM isn't using a secure hash in the cryptographic sense.

    A more promising option in my opinion would be to implement a distinct algorithm in the sensor to check that the person had normal human features. Thus even if a hacker steals the biometric info and attempts to produce a fake he must not only duplicate those particular measurements but incorporate them into an image/texture which is otherwise human normal. Since these two algorithms can use different information it would be difficult to defeat. Furthermore since the human detection can be isolated in the sensor no vendor incompatibility issues arise and the algorithm can even be upgraded.
    • Are you aware of how the "Jello" break for fingerprint readers works? If not, go read up on it. The basis is that a thing layer of Jello on your own finger can have someone else's fingerprint on it; because it's got your skin underneath, it reads human, and because it's got the victim fingerprint on it, it reads as someone else.

      I believe that a similar trick has been demonstrated with contact lenses for iris recognition; the base problem is that it's too easy to change appearance to match someone else at a

  • There surely is a lot of hype and hot air surrounding this, but ultimately it only comes down to having something to uniquely identify an individual. So why use something we are (fingerprints or retina scans) instead of something we know or have (passwords, passphases, and tokens)?

    This is particularly true when crytographic research goes on in public, while this biometric stuff is closed and proprietary. Can we tell how secure the protocols and algorithms are? Not a chance. Given that it is highly likely th
  • ... a backend compromise
    So you can't turn a hash of my fingerprints back into my fingerprints.
    Big deal.
    You can still collate my hashed fingerprint in THIS database with my hashed fingerprint in THAT database etc. etc. until you stumble on a database that has my hashed fingerprint and my name.
    In other words, all the data-mining junk still works. You can still track me, SPAM me, sell my information, even find out my name and where I live.

  • Using hash functions in biometric identification has been already around for awhile. Working everyday examples can be found for example from http://www.deltabit.fi/ [deltabit.fi]. They're used in hospitals, homes, even fitness centers.

    In their appliance no fingerprints are saved to anywhere (!), only the numerical value, which is product of one-way-only hash function. I repeat, no image of one's finger print is stored anywhere, it's not even possible with the equipment used. You simply can not reverse the numerical val

  • But will it be real "hashing"? (Score:3, Interesting)

    by bcmm ( 768152 ) on Tuesday August 30, 2005 @06:43AM (#13434356)
    In my school's library, they have a fingerprint scanner instead of library cards (which I still think is bizarre overkill and no better than cards for stopping theft).

    They gave me a sheet of paper to sign, with small print that most people probably ignore. As I was interested, I looked through to find out how they protect my information. It turns out that they store a "hash" of the fingerprint which cannot be used to recover the print except by a method which only certain people at the company which sold the system know.

    So rather than a real secure hash, my fingerprint is protected by security through obscurity. I suspect it's much more like weak encryption than a hash, and that anyone who was really interested could get my fingerprint out, if they had the library's software available to reverse engineer.

    There's very little motive in a school, but if this type of system spreads to offices or even banks, there are going to be real problems.
  • ...if everyone everywhere was totally honest and always told the truth at all times? Now I fully realise that nobody is about to make this happen any time soon, and from that perspective I think it is interesting to note that with human institutions the more pervasive the influence and control they have over us the more they seem to be disposed toward lying. There is just *so* much stuff around us today that is necessary because so many are dishonest to a greater or lesser degree. If we all woke up one morn
  • Because anyone can and will steal the digital artifact. For figerprints, the digital aftifact can be generated from any of the thousands of latent prints you leave around everyday. My solution is that trusted readers cryptographically sign the hash + challenge. You can then check with a registrar how secure the reader model is supposed to be, if that specific device is known to have been compromised, etc.

Slashdot Top Deals

He has not acquired a fortune; the fortune has acquired him. -- Bion

Close