> "Dr. Memon said their findings indicated that if you could somehow create a magic glove with a MasterPrint on each finger, you could get into 40 to 50 percent of iPhones within the five tries allowed before the phone demands the numeric password, known as a personal identification number."
I don't understand how this is possible at all. I've always assumed that each fingerprint is essentially turned into a hash, and that there must be something like at least 10,000+ possible hashes. I mean, I used to belong to a gym that used a fingerprint reader for entry, and it correctly identified me (flashing my name) from the other 1,000+ members each time.
So as long as the hash space is reasonably large, it doesn't matter what these 5 magic imprints are, they still each convert to just 1 hash, no different from any other fingerprints.
Am I missing some critical aspect here to explain how "master prints" are even plausible -- how they could possibly act as "wildcards" for large swathes of hashes?
That's not how it works. The process of reading your retina / fingerprint is error-prone. You can't take a hash of an error-prone data blob!
My understanding is that matching the pre-saved template against a fresh scan is a process similar to measuring Levenshtein distance: there is some threshold, and samples with a smaller error are accepted. This does imply that the iPhone has your _unencrypted_, _unhashed_ fingerprint template stored somewhere.
But this is not my area of expertise. Perhaps a subject matter expert can comment.
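The threshold idea described above can be sketched in a few lines. This is purely illustrative: real matchers compare minutiae geometry, not strings, and the templates, threshold, and use of Levenshtein distance here are stand-ins:

```python
# Toy sketch only: real fingerprint matchers compare minutiae geometry,
# not strings. This just illustrates "accept if the error is small enough".

def levenshtein(a: str, b: str) -> int:
    """Classic dynamic-programming edit distance."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        curr = [i]
        for j, cb in enumerate(b, 1):
            curr.append(min(prev[j] + 1,                 # deletion
                            curr[j - 1] + 1,             # insertion
                            prev[j - 1] + (ca != cb)))   # substitution
        prev = curr
    return prev[-1]

def matches(stored_template: str, fresh_scan: str, threshold: int = 3) -> bool:
    """Accept the fresh scan if it is 'close enough' to the stored template."""
    return levenshtein(stored_template, fresh_scan) <= threshold

print(matches("ridge-whorl-arch", "ridge-whorl-arcg"))   # 1 edit away -> True
print(matches("ridge-whorl-arch", "loop-delta-spiral"))  # far off    -> False
```

The key point is that the comparison is fuzzy: anything under the threshold is accepted, which is exactly what makes "close enough" master prints conceivable.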
I'm not an expert, but I remember getting an impression of a very principled approach to biometrics from John Daugman. This article is about iris recognition and I'm pretty sure it is worth posting in this context: https://www.cl.cam.ac.uk/~jgd1000/csvt.pdf
Indeed it is stored inside the sensor (that's why it's so much trouble to replace one on an iPhone), and thankfully the raw data never leaves it (same goes for Android as well, except on really, really old versions, like 4 and below).
Find the section titled "Secure Enclave." When the SE needs to store data on the filesystem, it's encrypted with a key that never leaves the SE. Effectively, assuming the encryption is implemented correctly, data 'owned' by the SE is never available to any other part of the system.
I addressed this when this study was discussed last week, but it's worth remembering that minutiae comparison is not the only technique used for fingerprint matching. [1]
Thanks for the link! Yes, there are many ways; I always thought minutiae matching was the most common/simplest. There are also some interesting advancements occurring in optical tomography. [1]
> Full human fingerprints are difficult to falsify, but the finger scanners on phones are so small that they read only partial fingerprints. When a user sets up fingerprint security on an Apple iPhone or a phone that runs Google’s Android software, the phone typically takes eight to 10 images of a finger to make it easier to make a match. And many users record more than one finger — say, the thumb and forefinger of each hand.
> Since a finger swipe has to match only one stored image to unlock the phone, the system is vulnerable to false matches.
> “It’s as if you have 30 passwords and the attacker only has to match one,” said Nasir Memon
>> "Dr. Memon said their findings indicated that if you could somehow create a magic glove with a MasterPrint on each finger, you could get into 40 to 50 percent of iPhones within the five tries allowed before the phone demands the numeric password, known as a personal identification number."
>I don't understand how this is possible at all.
You're confusing Sensitivity (also called the true positive rate), Specificity (also called the true negative rate), and conditional probabilities.
>I used to belong to a gym that used a fingerprint reader for entry, and it correctly identified me (flashing my name) from the other 1,000+ members each time.
This is the fingerprint reader's sensitivity, P(access granted, i.e. positive identification | correct key supplied [your thumb]). It is not P(access granted | incorrect key supplied).
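The article's numbers can be made concrete under some loud assumptions: suppose each template comparison independently false-accepts with probability p, and each of the 5 tries is compared against ~30 stored partial images (the "30 passwords" from the quote). Both assumptions, and the 0.45% rate below, are invented for illustration:

```python
# Loud assumptions: every comparison is independent and has the same
# false-accept probability p. Both are simplifications of a real matcher.

def p_break_in(p_false_accept: float, stored_templates: int = 30, tries: int = 5) -> float:
    """Chance that at least one of tries x stored_templates comparisons false-accepts."""
    comparisons = stored_templates * tries
    return 1 - (1 - p_false_accept) ** comparisons

print(f"{p_break_in(0.0045):.0%}")  # ~49%, inside the article's 40-50% range
```

So a tiny per-comparison false-accept rate, multiplied across 150 comparisons, is enough to produce the headline figure.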
I think the point is that it recognizes their fingerprint, and doesn't mistake it for any of the 999 other users. If it can tell the differences between a thousand fingerprints, why can't it be sensitive enough to reject at least 999/1000 false fingerprints?
Think of it this way: what's the probability that one of the 5 master prints matches their specific fingerprint out of the 1000, and not one of the other 999 customers'? If the system can distinguish between 1000 people, it should be able to distinguish a real print from 999 fakes.
You're assuming an equivalent amount of entropy between the 1000 real fingerprints and constructed fake ones which are attempting to be as close as possible to the real one. That seems unreasonable to me.
You're still also only considering false negatives (user is erroneously rejected). You have no data points about false positives (user is erroneously allowed).
If the sensor always detects and admits Bob, even when it's Alice, you'd have the exact same success data for Bob.
>You're still also only considering false negatives (user is erroneously rejected). You have no data points about false positives (user is erroneously allowed).
As far as I understood, the system is distinguishing between its members so we have some data about false positives because OP was always identified as themselves and never as another member.
From that data point, how can you be sure that every single finger pressed to the reader doesn't identify as OP? You are assuming OPs low false negative rate has implications about false positives.
Edit: this type of reasoning is probably what led to the recent authentication bypass flaw in Intel's AMT code. It just accepts anything passed to it as a valid password hash. That test is probably still passing in their CI system...
. . . because the gym still uses the system? If it didn't accurately distinguish between their customers, why would they still use it?
This is 100% not the same type of reasoning. We have reason to believe that the fingerprint accurately distinguishes between 1000 different options. False positive and false negative aren't meaningful terms here, because we're no longer dealing with yes/no results.
"If this authentication system didn't work nobody would use it" is literally the reasoning I mentioned above.
> we're no longer dealing with yes/no results
That's exactly what we're dealing with. Iterate through the list of fingerprints in the database, does provided == stored.
You might be interested in reading about CER (crossover error rate). It's the term used for discussing the trade-off between type 1(false positive) and type 2 (false negative) in biometric systems especially.
You really think the gym would use a system where a large portion of fingerprints match as OP? No, we're not dealing with yes/no. We're dealing with "which fingerprint matches the given data best", not "does the given data match a given fingerprint well enough". The scanner doesn't return "is this person OP", it returns "which person is this".
> it correctly identified me (flashing my name) from the other 1,000+ members each time
That tells you very little. Figuring out which print you're closest to is different from figuring out whether you match any of the prints on file. How well it does one doesn't really tell you how well it does the other.
Also 1,000 isn't very many. That only requires the same entropy as a 3-digit PIN.
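The gym/phone distinction in this subthread is the difference between identification and verification, which a toy sketch can show (the feature vectors, Euclidean distance, and threshold are all made up):

```python
# Toy sketch: identification ("whose print is this?") vs. verification
# ("does this print clear a threshold?"). All features/distances are invented.

def distance(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b)) ** 0.5

enrolled = {"op": (1.0, 2.0), "alice": (5.0, 1.0), "bob": (3.0, 7.0)}

def identify(scan):
    """Gym-style: always returns the nearest enrolled member, whoever that is."""
    return min(enrolled, key=lambda name: distance(enrolled[name], scan))

def verify(scan, name, threshold=1.5):
    """Phone-style: accepts only if the scan is close enough to one template."""
    return distance(enrolled[name], scan) <= threshold

fake = (2.0, 4.0)          # a "print" belonging to nobody
print(identify(fake))      # still names someone: "op"
print(verify(fake, "op"))  # False: rejected as not close enough
```

Identification names *someone* for any input, so "it always flashed my name" says nothing about how well verification would reject an impostor.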
If everybody was issued a unique PIN, sure, but if the PINs are picked at random you need a much larger pool of numbers to make 1000 unique values likely.
If 1000 people chose a three-digit PIN completely at random, the odds of any one person's choice being unique are about 37% ((999/1000)^999) - i.e., roughly 370 people will get a unique number, the rest will share theirs with at least one other person. In fact, it's very likely (roughly 97%) that one of the 1000 possible PINs will be picked by five or more people (see https://math.stackexchange.com/a/25878), and there are close to even odds that your group of 1000 people contains a group of six who all picked the same PIN.
If you go up to five digits, for a pool of 100,000 possible PINs, then the odds that any one of a thousand random PINs is unique go up to 99%, so you likely only have 10 or so people who share a PIN. With six digits you get to 99.9%, which still means roughly 40% of the time some 2 people have a PIN collision.
So no, capturing enough uniqueness from a fingerprint (given that you don't get to allocate the fingerprints, they get chosen for you at random) to reliably pick out one person from 1000 requires at least as much entropy as a six digit PIN - probably more.
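The uniqueness and collision estimates above are easy to check numerically with the standard approximations (a sketch; the birthday bound used here is an approximation, not an exact count):

```python
import math

def p_unique(people: int, pool: int) -> float:
    """Chance one person's randomly chosen PIN is shared by nobody else."""
    return (1 - 1 / pool) ** (people - 1)

def p_any_collision(people: int, pool: int) -> float:
    """Birthday-bound approximation: chance at least two people share a PIN."""
    return 1 - math.exp(-people * (people - 1) / (2 * pool))

for digits in (3, 5, 6):
    pool = 10 ** digits
    print(f"{digits} digits: {p_unique(1000, pool):.1%} unique, "
          f"{p_any_collision(1000, pool):.1%} chance of any collision")
```

For 1000 people this gives roughly 37% uniqueness at three digits, 99% at five, and 99.9% at six, where a collision somewhere in the group still happens about 40% of the time.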