Re: Fingerprint as cryptokey
- From: Kristian Gjøsteen <kristiag+news@xxxxxxxxxxxx>
- Date: Wed, 30 Aug 2006 12:48:38 +0000 (UTC)
Francois Grieu <fgrieu@xxxxxxxxxxxx> wrote:
I'm trying to find an information-theoretic argument that
there can't be a Biometrics -> Cryptokey function, not using
a database CONSTRUCTED FROM enrolled person's inputs, that
- generates the same output from two inputs acquired from
the same person with sizable probability (say > 2^-10)
- but still is very unlikely to produce the same outputs
from two inputs acquired from any two different persons
(say 2^-100).
Any clue ?
I don't see how there can be such an argument. If we ignore issues of
practicability and twins, what about DNA sequencing? I would guess there
is enough variability in DNA to ensure perfect matches, even if you have
to add some huge error-correcting code to compensate for the inevitable
errors. Pass the error-corrected sequence through a suitable hash function
and you have your cryptokey with no database involved, right?
Or did I not understand?
(PS. Such a scheme would be daft without some secret involved. DNA
sequences are hardly likely to be secure from a determined adversary.)
--
Kristian Gjøsteen
.
- Follow-Ups:
- Re: Fingerprint as cryptokey
- From: Francois Grieu
- Re: Fingerprint as cryptokey
- References:
- Fingerprint as cryptokey
- From: Kim G. S. Øyhus
- Re: Fingerprint as cryptokey
- From: Francois Grieu
- Fingerprint as cryptokey
- Prev by Date: Re: RSA Signing Security?
- Next by Date: Re: Fingerprint as cryptokey
- Previous by thread: Re: Fingerprint as cryptokey
- Next by thread: Re: Fingerprint as cryptokey
- Index(es):
Relevant Pages
|
|
