Slashdot Mirror
Biometric Face Recognition Exploit
clscott writes "A researcher
at the U. of Ottawa has developed an exploit to which most
biometric systems are probably vulnerable.
He developed an algorithm which allows a fairly high
quality image of a person to be regenerated from a
face recognition template. Three commercial face rec.
algorithms were tested and in all cases the image could
masquerade to the algorithm as the target person.
Here are links to a
talk
and a
paper.
Unfortunately, biometric templates are currently considered
to be non-identifiable, much like a password hash.
This means that
legislation gets passed to require
hundreds of millions of people to have their biometrics
encoded onto their passports. This kind of vulnerability
could mean that anyone who reads these documents has access
to the holders fingerprint, iris images, etc."
So this means that spotty, streaky photo of me (or is it a dog .. a wombat maybe?) on the back of my CostCo membership card isn't safe! Just about anyone could march in the door, past their regorously trained staff and buy Boca Burgers for half off!
Someone showed me a fake driver's license made by a "novelty" company. The only distinguishable difference was a missing apostrophe in the text on the reverse. It had holograms and everything. Thoughtfully, the company stated, "This is only for amusement value, illegal to use as ID", etc. Yeah, that should cover it.
A feeling of having made the same mistake before: Deja Foobar
BioPassword unfortunately suffers from a habit of producing false rejections. It really diminishes its usability. BioPassword's best trait is that it doesn't require an additional hardware purchase to work. Several high profile banks inspected BioPassword to determine whether they could use it for identity authentication within the context of online purchases. They came to the conclusion that it wasn't usable enough.
I think many people miss the boat when it comes to biometric identity authentication. The fact is, any security protocol can be exploited. The idea is to make it a protocol difficult enough to exploit so that it isn't in the best interests of an attacker to go after whatever is being secured. It's like cryptography. There is no unbreakable code or cipher, but there are codes that are difficult enough to break that it isn't worth the time or effort required to break them.
If you bothered to RTFA (I know, this is /.), you would find that this exploit does not need access to the biometric data, instead it only needs access to the scoring function.
Put simply:
1. start with some random face
2. ask the system to compute the recognition score for this face
3. make changes to the face
4. compute the new score
5. if the score is higher, keep the change to the face, if the score is lower, reject the change
6. goto 3
You'll notice that nowhere do you have to look at the biometric data itself. You only have to ask the system to compute the recognition score (for which it comes with a handy api).
Actually, this idea is so brilliantly simple, that I'm annoyed that I didn't think of it myself (it relates closely to a bunch of work I've done on image reconstruction.
Every comment I have read has missed the point!
This is not an exploit designed to show that biometric systems can be fooled or that you could create some kind of fake image that would match an existing one.
The whole point is that this shows that biometric templates are privacy-sensitive. Previously it was thought that they could be stored and promulgated without interfering with anyone's privacy, because it was thought to be infeasible to start from the template and reconstruct personally identifiable information about the subject.
The new paper shows that this is not true; from the templates, you can reconstruct an identifiable picture of the individual. That means that, for example, if you had a bunch of templates of people who went in for an AIDS test, you could re-create pictures of the people who went in, adequate to recognize individuals.
This would therefore interfere with the privacy of those individuals. And that implies that templates need to be subject to the same kind of privacy restrictions as other forms of personally identifying information, a standard to which they have not traditionally been held.
And that's the point of the paper.
I think all these comments are very interesting, and would like to invite those of you with a continuing interest in the subject to join the yahoo biometrics group.
Go to http:\\groups.yahoo.com\groups\biometrics
and follow the links to join. The listserv is open, you can select various email delivery options, and you can hide your email address if you choose.
Cheers
The yahoo biometrics group moderator
A useful password hash (at least one that isn't considered to be plain-text equivalent) is a cryptographic hash. A cryptographic hash is one thought to be np-hard.
...
For instance, take this simple hash:
uint32_t hash;
for (size_t i=0; i < str.length(); i++) {
hash += str[i];
}
Given an input of say, foobar, one would get a hash of 633. Now, if I start with an arbitrary password of say, google, I get a hash of 637.
Since I know that slight adjustments to the word, produce slight differences, I know that I can just start moving letters one space down the alphabet until I find a matching value.
Lets say I choose:
google -} 637
foogle -} 636
fnogle -} 635
fnngle -} 634
fnnfle -} 633 *bingo*
So know I've successfully "exploited" this password protection mechanism.. This is why it's referred to as plain-text equivalent.
A cryptographic hash though has the interesting proper that a small change results in a unpredictable different. For instance, in the same example you might get:
google -} 3453
foogle -} 234543
fnogle -} 234
fnngle -} 23425434
fnnfle -} 53424
There's no reason biometrics can't be cryptographically strong. It's just that the algorithms currently being aren't. That's no big news for anyone with even half a clue stick.
int func(int a);
func((b += 3, b));