Exchanging Pictures To Generate Passwords
Roland Piquepaille writes "Today, Ileana Buhan, a Romanian computer scientist, is presenting her PhD Thesis at the University of Twente in the Netherlands. She is using biometrics to protect confidential information when it is exchanged between two mobile devices. This is a very innovative approach to security. Buhan's biometric application will generate almost unbreakable passwords from photos taken by the connected users. Here is how it works. 'To do this, two users need to save their own photos on their PDAs. They then take photos of each other. The PDA compares the two photos and generates a security code for making a safe connection.'"
biometrics ? (Score:1, Insightful)
So where does the bio part come in? A picture isn't bio anything.
Then again, this is another crappy Roland article, so it's not surprising it's short on facts and long on plagiarism.
Re:Oh Dear (Score:5, Insightful)
It doesn't work like that. From what I can tell, it uses the image as a seed.
This is secure as long as that picture is kept secure and NOT given to anyone else, ever.
However, given the nature of humans, that's too tall an order. If that picture ever leaves the phone where it was taken, the security is broken.
No problem (Score:5, Insightful)
What is the difference... (Score:4, Insightful)
And the "SecureGrip" project is a joke. In order for anyone in their right mind to stake their life on a biometric security device for their gun, it would have to reject others almost perfectly, and accept the legitimate owner infallibly... the latter being the more important of the two by far.
We are nowhere near that kind of perfection. I wouldn't touch something that uses even the most recent versions of "SecureGrip" with a 10-foot pole, much less pay money for it.
Almost Unbreakable? (Score:3, Insightful)
This application has some 'cool factor', since it would make you shoot pictures of your friends in order to protect your 'important' communication with them, but the real problem here is not hashing, it is the password generation algorithm. If it has weaknesses, your random hash (i.e. salt) won't make it any more secure. And how applications reach/use this password is another factor.
Biometrics have a good 'cool factor', but they do introduce other problems into security. As other posters mentioned, you can shoot a picture of Alice and Bob; considering it uses facial information, you can mimic it. It is like being able to lift fingerprints left on some fingerprint scanners. Besides, libraries using that biometric data need a lot more time to be proven secure than the textual password algorithms we use today.
I might be conservative about this, but I still believe that even though biometrics can add some additional security, they still need to be harvested with memorized (i.e. textual or verbal) passwords. If you don't harvest them, then you add the biometric data encoder as a possible attack vector on the underlying authentication stack code as well.
Re:Oh Dear (Score:5, Insightful)
Every image is different; it has quite some randomness in it overall. I'm no cryptographer, but I can imagine that randomness is suitable for making keys.
What this unfortunately does not seem to address is the secure exchange of those keys. Making a very large secure random key and having a strong unbreakable encryption algorithm is one thing; exchanging those keys in a secure manner is another. Secure as in having no way for a third party to listen in undetected and get the actual keys.
In this case the users have to take photos of themselves, and of each other: that indicates they have to be close together. Then the whole key exchange issue is trivial as it can be handed to the other party on a memory card or cable link or whatever. It is more interesting to be able to exchange those keys over a distance, over an insecure communication channel.
Re:Oh Dear (Score:5, Insightful)
Perhaps I'm missing something... (Score:2, Insightful)
Re:Oh Dear (Score:2, Insightful)
You would still need a copy of both photos to be able to decrypt the transmitted data.
This assumes that the key space used is large enough that an old-fashioned brute-force attack isn't feasible.
Re:I preferred shake to sync (Score:3, Insightful)
That'd be great, 'cept I don't know of an easy way to cable together two iPhones, or two Blackberries, much less two different models/manufacturers.
The shake and bake shared secret is a great idea because it requires no additional connectivity. In fact the two devices can have NO network connection, but share only similar readings during an agreed time-window.
Accelerometers are only one way to generate "local data" that becomes a shared secret. Thermometers and other sensory input mechanisms that will (roughly) have the same readings in the same surroundings are also additional factors one can use to form the OTP.