Exchanging Pictures To Generate Passwords 123
Roland Piquepaille writes "Today, Ileana Buhan, a Romanian computer scientist, is presenting her PhD Thesis at the University of Twente in the Netherlands. She is using biometrics to protect confidential information when it is exchanged between two mobile devices. This is a very innovative approach to security. Buhan's biometric application will generate almost unbreakable passwords from photos taken by the connected users. Here is how it works. 'To do this, two users need to save their own photos on their PDAs. They then take photos of each other. The PDA compares the two photos and generates a security code for making a safe connection.'"
Re:biometrics ? (Score:2, Informative)
Re:I preferred shake to sync (Score:3, Informative)
Re:Crack (Score:3, Informative)
Re:Oh Dear (Score:5, Informative)
An image is random enough, but you can take a cryptographic hash of anything you want to - a password, a phone number, a song, an image, etc. How many ticks the processor has made in it's lifetime or the total value of all the bytes added up (modulus something) currently in memory will also be quite random, so the "using a picture" thing isn't really solving any problems. However, it does provide the basis of a framework that would allow you to move that picture (along with the one of yourself) to other devices in order to keep the shared secret key so you can continue to verify the person you're communicating with, since you can re-generate that key. Although there was nothing preventing you from just moving a keyfile in the first place. Don't forget - the more places the key is, the easier it will be for attackers to obtain.
As for the secure transmission of those keys - it's called the Diffie-Hellman Key Exchange [wikipedia.org] and it has been around for over 3 decades and remains unbroken. Alice and Bob communicate some numbers which allow them to generate the same key, but Eve has no way of generating the same number.
I also replied here [slashdot.org], so if you think this post is unclear, read there, too.
Re:Everybody missing what is important (Score:3, Informative)
http://wwwhome.cs.utwente.nl/~balazsi/ [utwente.nl]
Re:Oh Dear (Score:5, Informative)
No you've completely missed the point. Each user takes their own photograph of themselves. This never leaves their device. When a connection is to be setup the other user photographs them. There are now 4 photos in the set:
Alice's photo of Alice
Alice's photo of Bob
Bob's photo of Alice
Bob's photo of Bob
Each user now has a pair of images that should be similar (but are not the same). Alice has a photo of her and Bob, Bob has different photos of Alice and himself.
The images are hashed in some sense to generate a seed for the key. The assumption is that the image hash is robust enough that the two different images of Alice generate the same seed, and the same for Bob.
So if I now take a third pair of pictures, one of Alice and one of Bob, and the hash is robust then I can recompute their seed, and derive their key. As I said originally, it's some interesting vision work to come with a robust hash like that, but it is not actually secure.
If you still don't believe me, then reread the article and consider that the security of the system relies on Alice's picture never leaving her device. The same applies for Bob. To perform key agreement that means the same seed must be derived from the separate images.