Andrew Pollack's Blog

Technology, Family, Entertainment, Politics, and Random Noise

cross post: Biometrics as a Technology - in my opinion is moribund

By Andrew Pollack on 03/06/2004 at 11:43 PM EST

-------------

Author's Note: I originally posted this in another venue as a response to a push for biometrics. I've updated it a bit to remove references to other things in that venue that are not mine to share.

-------------

Biometrics is one of those technologies that springs out of the minds of science fiction writers and later comes to pass. We've had many great things come to us that way, but not all of them work out quite as planned. In this case, the technology is cool, but moribund.

First, understand that biometrics is simply about authentication -- not authorization. As I've said many times, they are very different things. There are many parts to the authentication piece of the puzzle, but let's focus for a second on just those which are claimed as the advantages of biometrics: portability -- it's always with you; complexity -- most claims are that biometric data is hard to duplicate; and fidelity -- the belief that there is sufficient uniqueness among the population. Biometrics has long-term trouble ahead in all of these areas. I'll compare it to a smart card.

Portability: While it is certainly true that I am never without my biometric data, it is also true that I am rarely in the presence of equipment with which to accurately test that data. The requirement of external testing equipment means that portability is not in fact as big an advantage as you might think. In fact, the device which reads the fingerprint data and sends it to the web requires software on the workstation to work. That means even carrying the reader around doesn't help me -- and that's of course just one example. Compare this to a smart card, with its seemingly random number sequences timed to the main server and changing every 30 seconds. A credit card sized card carries no requirement for additional hardware, as the numbers themselves have no value without the card.

Fidelity & Complexity: The tenet that biometric data is sufficiently complex is highly flawed. First, because only a full DNA test is complex enough that it would count, and it takes years -- not seconds -- to do one. Anything less is actually less complex and unique than a good mathematical hash. We're talking one in billions, not millions. On top of that, the complexity you achieve with biometrics is limited to the fidelity of the reading device; for example, a 7 or 13 point fingerprint is not in fact as truly unique as a full fingerprint. It works in police work, because the fingerprint need not be unique to the entire population -- only to the narrow list of suspects. Also, what is the fidelity -- the resolution, if you want -- of the device? For any input reader, an output writer can be made. If you have a screen that can read retinas at some ungodly resolution, you can be sure that someone else will have a device which can produce an image at that resolution. Add infrared for heat mapping, and someone else makes a heat generating device.

Increased complexity on the input mechanism actually reduces the security of the authentication device. Aside from the negative portability issue, biometric data is almost universally insecure in cases where human supervision is not available. In the case of a web login tool, there is a requirement that the hardware be installed at the PC for login, and there is nothing to prevent someone tampering with the person using it, or the equipment, or the PC itself. If it's on someone's desk, what happens if I plug a reader in between the device and the PC to capture the signals from the device to the PC? If the device is permanently installed, then perhaps the driver on the PC can be encrypted, as can the transfer of data between the device and the PC -- but in that case you are in fact relying on the encryption, not the biometrics, for surety, and you're further reducing the portability. I can also tamper with the person -- a threat of some kind, for example.

Let's compare this to a smart card. For those who haven't used them or researched them, a company can purchase a smart card system which includes the smart cards themselves, and a computer program to manage the keys and numbers. Each smart card is serialized with what amounts to a public/private key system. That is to say, the card's serial number is its public key, and its private key is known only to itself and to the server. The card generates a multi-digit number every 60 seconds and displays it. That's all. That numeric display is typed into any device (a web page, for example) along with a user's login. The server can then look to see what smart card is assigned to the user, and pass to the authentication server a tag saying "smart card id xxxxxx is authenticating at 00:00:00 GMT with a code of yyyyyyyyy". The smart card server will compare that number -- which is unique both to that card and to that exact moment -- with its encrypted algorithm and private key for validation. That means to authenticate you need the card and the person's userid (and sometimes a password). There are many variations on this, but you get the picture.

In terms of portability, a credit card sized device (and they're getting smaller, like watch built-ins) is all that is needed. No input device is required, since the numbers can be keyed in on any keyboard. Similar systems can use radio signals, or output ports, in places where built-in hardware makes more sense. These devices can be embedded in ID badges, car keys, or even under the skin (hope we don't get there).

In terms of protecting the source data -- the digits are useless after 60 seconds so there is no point in capturing them.

In terms of complexity -- all the complexity occurs in the safe "protected" area of the server, not with the user. There is no need to attempt to forge a scan, because it's just typed digits.

In terms of repudiation -- the cards are serialized, and any card can be made useless at the server with a keystroke by an admin. I know of no way to repudiate DNA or other biometric data.

In terms of fidelity -- the cards are limited only by the number and range of digits. For example, a 12 digit case-sensitive alphanumeric code with punctuation can be hugely complex, and that fidelity can be increased simply by replacing the inexpensive cards as technology and encryption techniques change. This results in a level of "uniqueness" (hate that word) which is far superior.
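
The card-and-server exchange described above, including the 60-second expiry and the admin "keystroke" that kills a card, sketched as an added example (not code from this post or from any card vendor). The HMAC-SHA1 construction in the style of RFC 6238, the class and function names, the sample secret and the single-use guard are assumptions; the post does not say which algorithm the cards use.

```python
import hashlib
import hmac
import struct

STEP = 60  # seconds each displayed code is valid, as in the post

def code_for(secret, unix_time, digits=6):
    """What the card displays: HMAC of the time-step counter, truncated to digits."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

class TokenServer:
    def __init__(self):
        self.secrets, self.assigned = {}, {}      # serial -> secret, userid -> serial
        self.revoked, self.last_step = set(), {}  # dead cards, serial -> last used step

    def enroll(self, userid, serial, secret):
        self.secrets[serial] = secret
        self.assigned[userid] = serial

    def revoke(self, serial):
        self.revoked.add(serial)                  # the admin's "keystroke"

    def verify(self, userid, code, now):
        serial = self.assigned.get(userid)
        if serial is None or serial in self.revoked:
            return False
        step = now // STEP
        if self.last_step.get(serial, -1) >= step:
            return False                          # code already used in this window
        if not hmac.compare_digest(code_for(self.secrets[serial], now), code):
            return False
        self.last_step[serial] = step
        return True

def demo():
    server = TokenServer()
    secret, t = b"constructed-demo-secret", 1_700_000_000  # constructed sample values
    server.enroll("alice", "CARD-0001", secret)
    code = code_for(secret, t)                        # digits the user types in
    first = server.verify("alice", code, t)           # accepted
    replay = server.verify("alice", code, t + 1)      # captured and reused: rejected
    stale = server.verify("alice", code, t + STEP)    # next window: rejected
    server.revoke("CARD-0001")
    after_revoke = server.verify("alice", code_for(secret, t + 120), t + 120)
    return first, replay, stale, after_revoke
```

The shared secret never leaves the card or the server; only the short-lived digits cross the keyboard and the network, which is the property the comparison above rests on.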

