Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mouse That Scans Your Fingerprints

Posted by CmdrTaco on from the never-forget-a-password-again dept.

Pac writes: "The U-Match mouse has an embedded fingerprint scanning device. It is currently available only for Windows 9x/NT, but Biolink says it will have a Unix\Linux version by the end of the year and a Mac version in the beginning of 2001." I've been eyeballing finger scanners since I saw a nifty one that worked through PAM at a tradeshow one time: I still think it'd be very convenient if it worked, but I'm very skeptical that something like this could gain widespread acceptance.

6 of 90 comments (clear)

  1. Problems with this.. by Panaflex · · Score: 3

    First off, it's optical recognition. Pretty much means that "rubber finger" is quite likely to work. (Compaq's optical scanner was recently spoofed using a flashlight. The print was already on the glass, so the flashlight just fooled it into taking the image on the glass)

    Secondly, How often do you replace your mouse? Mine last about 1.5 years.

    The best quality is that the hardware captures the minutae. Fairly advanced, IMHO (If, in fact the hardware does actually do this.)

    Probably the best finger scanning technology is (ahem, plug) by ethentica. We use a plastic with embeded phosphors over a glass CCD. (Abour 1/16" thick.. 500 DPI) The scan can only be induced by having a live finger because of the electrical properties we use to detect a finger. Also, there is no glass to clean regularly. The plastic is cheap, and lasts for millions of scans. And it's the smallest of all.

    Pan

    --
    I said no... but I missed and it came out yes.
  2. hmm... by MenTaLguY · · Score: 3

    Okay, so, my password is permanently attached to my body and I can't change it, but anyone can use a password-equivalent hash to falsify my identity/authorization?

    greeeeaat...

    --

    DNA just wants to be free...
  3. Pretty Clever by rgmoore · · Score: 3

    One of the best parts of the system is that it doesn't actually send a complete fingerprint scan to the computer. Instead, it crunches it down into a 500 byte "template" that can't be used to reconstruct the user's fingerprint. This seems intelligent both from the standpoint of minimizing necessary mouse-computer bandwidth and for their stated objective of protecting privacy. I guess that this is sort of like storing passwords using an MD5 hash.

    The only problem I can see is that it seems as though it would be comparatively straightforward to spoof. All you'd need would be a hardware tap on the mouse plug and you could capture the fingerprint template as it's sent to the computer. Then you can log in as anyone else by reversing the transmission and sending their fingerprint template instead of your. Since it uses a standard PS/2 port, this shouldn't be too hard to engineer. I guess that you'll have to use this as a secondary system together with a password.

    --

    There's no point in questioning authority if you aren't going to listen to the answers.

  4. Not so clever by XNormal · · Score: 4

    AFAIK, all fingerprint verifiers use a reduced set of extracted features for comparison. This is the first one I see that tries to claim it's a privacy feature - it's simply how it works. Give a marketroid a bunch of technical details and he's always find a way to present them as features.

    Biometric systems should always assume that the fingerprint, iris scan, etc is not a secret and is known to the attacker. Your password can only be considered secret because you can change it.

    To have any meaningful security a biometric system must have a trusted reader and a secure path from the reader to the verifier.

    Two examples:

    1. The verifier is inside the reader. Your private key is embedded into a tamper-resistant device and a fingerprint is required to perform a private key operation (signing, decryption).

    2. The verifier is in a secure remote server, but communication between the reader and the verifier is cryptographically protected. The reader should sign the scan and also use a timestamp or challenge/response system to prevent replay attacks. Each reader would have a separate signing key so they can be revoked, if necessary. Even the best tamper resistance cannot be trusted with a global reader signing key that results in catastrophic failure if it is compromised.

    Suggested protocol:

    Before being used for the first time the readers are connected to the verification server for initialization. The server generates random keys and sends them to the readers. These keys cannot be read back from the reader, only overwritten.

    For authentication, the client first asks the verification server for a challenge. It sends the challenge into the reader which calculates a hash of the biometric scan, reader signing key and the challenge. This hash is sent to the server along with the biometric scan for verification.

    The reader key should be kept in battery backed static RAM rather than EEPROM. This makes it easier to self-destruct in case a tampering attempt is detected. To prevent the value from permanently affecting the memory cells via ion migration or similar phenomena it could be cycled continously.

    The key database on the server is a single point of failure - but the server is probably the same resource you are trying to protect anyway. It would still be nice to make the key database less vulnerable by using asymmetric cryptography - a key pair is generated during initialization and only the public key is stored on the server.

    The Sony fingerprint scanner (also featured on slashdot recently) appears to implement #1. Does anyone know of a system similar to #2?

    ----

    --
    Stop worrying about the risks of nuclear power and start worrying about the risks of not using nuclear power.
  5. This is a first... by MostlyHarmless · · Score: 4

    and I don't mean first post.

    Look closely at the text. It says that there will be a Unix/Linux version at the end of the year, but the mac version will not come into 2001.

    This is rare right now, but I suspect that we will see a lot more of this happening. As Linux (and to a lesser extent, BSD[*]) grows, we will see much greater acceptance of Linux as an alternative platform at equal or greater standing relative to the Mac.

    [*] Nothing against the technical merits of BSD; they just have a smaller marketshare at the moment, thus having a lesser affect as an alternative OS.

    --
    Friends don't let friends misuse the subjunctive.
  6. The only reasonably foolproof setup by webmaven · · Score: 3

    would have a magnetic resonance scanner for your head.

    This is the only biometric that everyone has.

    Some people don't have fingerprints, some people have skin conditions that prevent hand scanners and face recognition from working, some people don't have eyes (so no retina or iris scanners), some people are mute (no voice print), but everyone has a head.

    Also, a dead head will not work, and this sort of scanner may even be able to detect emotional distress.
    --

    --
    The real Webmaven is user ID 27463. I don't rate an imposter, because my ID is such a lame-ass high number.