Slashdot Mirror

← Back to Stories (view on slashdot.org)

Biometric Face Recognition Exploit

Posted by michael on from the faceoff dept.

clscott writes "A researcher at the U. of Ottawa has developed an exploit to which most biometric systems are probably vulnerable. He developed an algorithm which allows a fairly high quality image of a person to be regenerated from a face recognition template. Three commercial face rec. algorithms were tested and in all cases the image could masquerade to the algorithm as the target person. Here are links to a talk and a paper. Unfortunately, biometric templates are currently considered to be non-identifiable, much like a password hash. This means that legislation gets passed to require hundreds of millions of people to have their biometrics encoded onto their passports. This kind of vulnerability could mean that anyone who reads these documents has access to the holders fingerprint, iris images, etc."

7 of 188 comments (clear)

  1. This problem is solved by redundancy by NumberField · · Score: 5, Funny
    This isn't a problem because most people have extras of the body parts used for most biometric schemes. For example, you probably a large supply of fingers (about ten), so it doesn't matter if a few get compromised. Similarly, if you have two eyes, it's not a big deal if your retinal print becomes known to bad guys.

    (P.S. Please no replies from humor-impaired folks.)

    1. Re:This problem is solved by redundancy by Xzzy · · Score: 5, Funny

      I'm sorry, go back and read chapter two, where they talk about humor types by geographic region. Your above intended format falls into "excessively dry", which if my memory serves is a method perfected, and quite jealously defended, by the British.

      American humor is expected to involve either bodily functions or blonde women.

      Failure to employ region-appropriate humor will potentially flag you for review as a potential terrorist.

  2. paranoia by klokwise · · Score: 5, Funny

    maybe i should extend my tin-foil hat to a tin-foil facemask and a pair of shiny gloves... that way they'll never recognise me!

  3. One thing that is missing from "the spoof" by adzoox · · Score: 5, Interesting
    A local company to me, has a biometric scan + retina and thumbprint scan, but it also takes your body temp average/signature .... the combination of the three are pretty hard, if not impossible, to spoof. And, anyone that can, was going to break into your system anyway. (With the VERY expensive equipment and extensive knowledge it would take to reproduce all three)

    Sometimes we give criminals to much credit. Again, if it's someone that can go through all three of those, they were going to get past the toughest of Indiana Jones hurdles.

    --
    Yell & scream & rant & rave... it's no use... you need a shaaaave ~ Bugs Bunny
    1. Re:One thing that is missing from "the spoof" by Emugamer · · Score: 5, Funny

      Biometric analysis equipment $250,000
      Staff time to implement new security procedures $12500
      Sledge hammer: $25
      Expression on the Project Manager's face after he realized he should have installed a better door: Priceless

  4. RTFA yourself by MarcoAtWork · · Score: 5, Insightful

    You don't understand what the article is talking about. When you enroll in a biometric system, the system itself -doesn't- match based on your picture, but on a 'template' which is created by taking your standard data and performing certain destructive operations to arrive to a much smaller 'template' which can still be used to identify you.

    This is very similar to the one-way hashing that happens with unix passwords, only that in this case the hashing is 'lossier' so you have 'confidence scores' instead of a black/white answer.

    The article shows that given this 'hashed' value you can recreate an image that has a good chance of not only being authenticated by the same system/algorithm (which already should be very hard, given the one-way nature of the templatization) =BUT= also by different systems!

    It also is really interesting how if you have access to the 'confidence score' outputted by the recognizer, you can take arbitrary images and blending/averaging them again come up with an image that works.

    This is definitely not useless news and will have quite some implications.

    --
    -- the cake is a lie
  5. Everyone has missed the point by SiliconEntity · · Score: 5, Informative

    Every comment I have read has missed the point!

    This is not an exploit designed to show that biometric systems can be fooled or that you could create some kind of fake image that would match an existing one.

    The whole point is that this shows that biometric templates are privacy-sensitive. Previously it was thought that they could be stored and promulgated without interfering with anyone's privacy, because it was thought to be infeasible to start from the template and reconstruct personally identifiable information about the subject.

    The new paper shows that this is not true; from the templates, you can reconstruct an identifiable picture of the individual. That means that, for example, if you had a bunch of templates of people who went in for an AIDS test, you could re-create pictures of the people who went in, adequate to recognize individuals.

    This would therefore interfere with the privacy of those individuals. And that implies that templates need to be subject to the same kind of privacy restrictions as other forms of personally identifying information, a standard to which they have not traditionally been held.

    And that's the point of the paper.