Exchanging Pictures To Generate Passwords
Roland Piquepaille writes "Today, Ileana Buhan, a Romanian computer scientist, is presenting her PhD Thesis at the University of Twente in the Netherlands. She is using biometrics to protect confidential information when it is exchanged between two mobile devices. This is a very innovative approach to security. Buhan's biometric application will generate almost unbreakable passwords from photos taken by the connected users. Here is how it works. 'To do this, two users need to save their own photos on their PDAs. They then take photos of each other. The PDA compares the two photos and generates a security code for making a safe connection.'"
This sounds like interesting work as I'm sure that the hashing of the photos to generate the passwords is quite interesting research. But from the summary (on the uni site) the work is quite flawed as a security measure. If I see Alice and Bob taking pictures of each other in order to establish a secure link then all I need to do is photograph them both covertly and I can regenerate their password.
Slashdot: where Don Knuth is an idiot because he can't grasp the awesome power of PHP
How can this deal with the standard picture-comparison problems - different lighting, different makeup, different facial expressions? If this works, this will be big for image-search, not just passwords, but I am significantly skeptical that it works as advertised.
So where does the bio part come in? A picture isn't bio anything.
Then again, this is another crappy Roland article, so it's not surprising it's short on facts and long on plagiarism.
Johnny Mnemonic?
I seem to remember this is how the 'password' for the encrypted information put into Johnny's head
"and generates a security code for making a safe connection ..."
And what if I eavesdrop on that connection and duplicate that security code?
Read radical news here
This sounds well and good, but isn't it pretty easy to take a picture of someone else and somehow fool this system?
Procedure: Alice and Bob have their own picture stored on their own phone. They each take a picture of the other so each has a picture pair (Alice+Bob) and construct a symmetric key from the picture pair.
Crack: Eve takes a picture of Alice and Bob to get a picture pair (Alice+Bob) and constructs the same symmetric key.
Johnny Mnemonic http://www.imdb.com/title/tt0113481/
When It Counts.
So if you take a photo of bob you ARE BOB?
This brings identity theft to a whole new level, it's like how African villagers are afraid cameras will steal their soul.
And since Ms. Ileana Buhan is on Facebook, we have her photo along with her friends...say 'cheese!'
How do you change your key?
Option A: Hair cut.
Option B: New contact glasses
Option C: Facial surgery
This scheme seems to have the problem of biometric key schemes. As usual, how do you change a compromised key?
Why am I reminded of the recently invented Japanese cigarette machine, which used a camera and image analysis software to determine if the user is old enough to buy the cigs. Of course, it was easily defeated by simply holding up a picture of grandma in front of the camera.
... between this, and simply generating a shared key? Honestly, I don't see any difference. In effect, that is more-or-less what this does... generate a shared key for later communication. Big deal. It doesn't matter whether it is "biometric" at all... other than the fact that so far "biometric" data has been far easier to fool.
And the "SecureGrip" project is a joke. In order for anyone in their right mind to stake their life on a biometric security device for their gun, it would have to reject others almost perfectly, and accept the legitimate owner infallibly... the latter being the more important of the two by far.
We are nowhere near that kind of perfection. I wouldn't touch something that uses even the most recent versions of "SecureGrip" with a 10-foot pole, much less pay money for it.
It's going to be rather embarrassing when both users pick goatse for their photos.
Why is that? If using random hashes makes a password unbreakable then what's the ground breaking part of this? It's been known for decades that you need a very good random hash (and importance is proven with recent Debian comment-out code including gpg tools).
This application has some 'cool factor' since it would make you shoot pictures of your friends in order to protect your 'important' communication between them, but the real problem here is not hashing, it is the password generation algorithm. If it has weaknesses, your random hash (i.e. salt) won't make it any more secure. And also how applications reach/use this password is another factor.
Biometrics have a good 'cool factor' but they indeed put other problems into security. As other posters mentioned, you can shoot a picture of Alice and Bob; considering it uses facial information, you can mimic it. It is like how you could get fingerprints left on some fingerprint scanners. Besides, libraries using that biometric data need a lot more time to be proven as secure than the textual password algorithms we use today.
I might be a conservative about this but I still believe that even though biometrics can put some additional security, they still need to be harvested with memorized (ie. textual or verbal) passwords. If you don't harvest them, then you add possible attack vector of biometric data encoder to underlying authentication stack code as well.
[ I didn't RTFA ...]
Having to match-up two different facial pics seems like a possible point of failure - Both for false-negatives and false-positives.
Either you have advanced facial-pattern software to generate a 'fingerprint' from the pic, or you do something along the lines of downsize to 32x32 pixels, convert to black and white and hope for a 85+% match.
It might work better if you have to take a picture of something that is 'more guaranteed' to be the same every time.
For instance, a snapshot of your Driver's License pic seems like it might work (just the pic, nobody wants their full DL floating around).
Hehe, no, a pic of the CELL PHONE itself!!
Even better, the cell phone could generate a unique bar code and you exchange pics of the code, or the cell phone and the code if you wish.
Cube On! (http://stores.ebay.com/PuzzleProz)
Hi Roland! What's up? I haven't seen you in a while!
So... an identical twin, equipped with the technological veil of communications, can still break it? :D
I preferred the shake to sync method where two phones would be held together and shaken randomly. Both phones take accelerometer measurements and use the pattern they were shaken in as a shared secret.
I wish to remain anomalous
Using a picture to generate the data may be new, but that doesn't address the difference between the data once it's generated, and any other shared key. I could as easily generate a key using a recording of my voice -- and that may be a new thing too -- but the end result would be exactly the same except for the particular combination of digits. Random typing could be used to the same effect (although it is a bit more difficult to get "random"-looking data that way). Or I could use heat noise from a reverse-biased diode or transistor.
Big deal. I am not impressed.
What if they're not close enough to take pictures of each other?
Sorry, I just don't see the usefulness of this.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Just upload the following:
A picture of your highschool.
A picture of your first pet.
A picture of your first car.
THL phish sticks
And if you do have to share a key in the open, just be obscure... like, "hey remember the first name of that girl we both [redacted*] at that beach party?" - that's the password to authenticate, "oh, and use the usual case and leet-substitutions..."
* not for salacious reasons, but just because I know the crowd here (hey, it could be "laughed at", "or felt sorry for", etc.)
This issue is a bit more complicated than you think.
... it's completely broken.
So, who's this Ph.D. candidate and her supervisor? Because, I want names. I want to know who to stay the hell away from with regards to security.
So what's the rotating circle thing below each article with a field you can type in, and a play button?!?
She's hot. http://wwwhome.cs.utwente.nl/~balazsi/
> What if the photo is based on Bob or Alice's genitals?
This is why it won't be of any use to Slashdotters. Who wants to take the risk that they'll be sent goatse?
If Alice and Bob are meeting in person, why do they need an elaborate key exchange protocol? Wouldn't it be easier for Alice to hand Bob a USB thumb drive with her key on it?
I was looking for a new way to share these hot 2girls1cup vid caps!
And if you do have to share a key in the open, just be obscure... like, "hey remember the first name of that girl we both [redacted*] at that beach party?"
"Dude, I don't."
All that was done is this person swapped 'public' and 'private' "text-based" keys for image-based keys and generated a similar response. The input seed is much larger so I'm not even really sure what has truly been accomplished aside from the fact that any 8 year old with a camera can take a photo of themselves but apparently developing a security system where you tap your iPhone twice to generate an SSL Key is too difficult to come up with..or apple is shooting it down in the appstore.. eh..
apples and oranges, right?
I thought U Twente was just a huge warez server.
Guess I've been out of a long time.
Miss my shell there, and at RIT. :(
I don't remember her name, but I do remember waking up with a Magic Marker in my hand...
Using biometrics means the actual pics need not be exchanged, but would they have to be taken from the same angle? Also, wouldn't an app sophisticated enough to do this accurately tax the limited memory of most mobile devices? As to security, assuming the would-be eavesdropper could tell that the salt was biometrically derived AND both knew and had access to pics of the people communicating, why would they bother to go through the trouble of cracking the encryption just to find out that so-and-so was seen necking with what's-his-name at a party?
The most exciting phrase to hear in science, the one that heralds new discoveries, is not 'Eureka!' but 'That's funny...
One option would be to assume that the two images are a pair of asymmetric keys, given some shared asymmetric encryption function which is derived once the two images are uploaded. It doesn't matter, then, if either image (but not both) falls into the hands of someone wanting to break the encryption - without knowing the function used, having what is effectively a private key for one side of the communication won't help.
A second option is to just use them as seeds for generating key pairs and instead of trading images, use an established method for key exchange to copy the keys across.
Thirdly, you could generate completely random key pairs, then use the photographs as part of the encryption mode between blocks. (This would go back to needing the photographs shared, but even if both photographs were obtained by someone, it wouldn't help them much in decrypting any message.)
Fourthly, you could generate a digital signature, where the signature assumes the image is appended to the message, with the signature as the first part of the encrypted message. This adds a little to the authentication, but also as the signature is non-deterministic, it makes those decryption techniques which involve some sort of pattern analysis of the encrypted data much less useful - you don't know where the text starts.
Next, you could use different slices of the images to pre-generate different keypairs. You could then specify a key by specifying the offset into the image. A variant of that is to pre-generate keys randomly and use the image content at a given offset as a pointer into the key table.
Lastly, you could prepend the message with the image, use a compression algorithm and then encrypt the compressed data. The reason for compressing is that it hides patterns in the data still visible when encrypted. By prepending the image, you absolutely drown out any possibility of residual information that could be used.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Very cogent point.
RTFA. who modded this informative? you should also RTFA.
from TFA:
...even if the user has altered his hair drastically, the system can still recognize him.
so this information IS the same if you take 100 pictures of the same person standing in the same place, or a different place, or if they cut their hair or put on a badge. the crack seems ludicrously easy.
Sadly TFA has extremely bare details. how did this become news on slashdot? I demand more details if I'm going to be bothered. Sometimes I think the admins put bad stories up just so that we can bitch about how bad they are.
It looks like everybody is missing the most important part of this article. The computer geek in question is a SHE!!!1!!!!~
We need photos.
-- Will program for bandwidth
Apparently, the big thing here is that later pictures can be interpolated by the software to approximate the original conditions: Party A's machine says "This picture looks like Party B", and Party B's machines says "This picture somewhat resembles Party A". Then it guesses that if the two are close enough, it should use the shared key that was originally generated.
Yeah, right.
This has all been done before. All it does is weaken any key that might have been generated in the first place, because rather than an exact match, it uses the legitimate key even when the input is only "good enough"... and "good enough", given all kinds of biometric data, is anybody's guess. On the show "Mythbusters", they bypassed a very expensive fingerprint reader with an inkjet printer and some gelatin. It scored worse than a $35 USB plug-in fingerprint reader from the local computer store.
The point being that it is less about the kind of data that you are gathering -- whether it is skin capacitance or resistance, or retinal scans, or fingerprint scans, or whatever. The real issue is not so much what data you have. The big thing is what you do with it.
This is the great weakness of biometrics. It has to be nearly perfect! Otherwise it is, like other similar measures, a "cure" that is worse than the "disease", because it is too easily spoofed. (See Bruce Schneier's explanations of the problems with biometrics and passport RFIDs. The concepts are very similar.)
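The trade-off raised in the "Procedure/Crack" comment and in the comment just above, worked through as an added example that is not part of the original thread or of Buhan's thesis. The feature vectors, jitter values and bin widths are constructed, and quantize-then-hash is an assumed stand-in for the real key derivation.

```python
import hashlib
import math

DIMS = 16      # assumed number of features extracted per face (constructed)
RANGE = 256.0  # assumed value range of every feature

# Constructed "true" feature vectors for the two users.
ALICE = [32 * ((5 * i + 1) % 8) + 16 for i in range(DIMS)]
BOB = [32 * ((3 * i + 2) % 8) + 16 for i in range(DIMS)]

def capture(face, jitter):
    """A fresh photo: true features shifted by +/- jitter (lighting, angle)."""
    return [f + (jitter if i % 2 == 0 else -jitter) for i, f in enumerate(face)]

def quantize(features, step):
    """Tolerance: every value inside a bin of width `step` maps to one index."""
    return tuple(int(f // step) for f in features)

def derive_key(alice_features, bob_features, step):
    """The key is a function of the two quantized templates and nothing else."""
    material = repr((quantize(alice_features, step), quantize(bob_features, step)))
    return hashlib.sha256(material.encode()).hexdigest()

def key_space_bits(step):
    """Upper bound on key entropy, assuming uniform independent features."""
    return 2 * DIMS * math.log2(RANGE / step)

def scenario(step):
    """Keys computed by Alice, Bob and a bystander, each from their own photos."""
    alice_key = derive_key(ALICE, capture(BOB, 3.0), step)   # own photo + photo of Bob
    bob_key = derive_key(capture(ALICE, -2.0), BOB, step)    # photo of Alice + own photo
    eve_key = derive_key(capture(ALICE, 3.5), capture(BOB, -3.5), step)
    return alice_key, bob_key, eve_key

if __name__ == "__main__":
    for step in (8.0, 32.0):
        a, b, e = scenario(step)
        print(f"bin width {step:>4}: at most {key_space_bits(step):.0f} bits, "
              f"Alice==Bob: {a == b}, bystander==Alice: {e == a}")
```

With narrow bins the two legitimate devices fail to agree; widening the bins until they do agree shrinks the key space and also admits any other capture of the same two faces, because no secret input enters the derivation.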
You can find it here:
http://eprints.eemcs.utwente.nl/10783/
She doesn't seem to be proposing using the image data for key generation directly, as a lot of people here seem to think, but instead to use biometric data extracted from the image. (facial features, for example)
If you're interested in reading more of her work, it's available here:
http://wwwhome.cs.utwente.nl/~balazsi/research.html
It might be a good idea to take a picture of Bob and Alice shaking hands, to be certain the handshake is secured, too. If there's proof the handshake really took place, you know you're connected to who you're supposed to be connecting with!
The problem is this is a Roland Piquepaille "story", and he is paid to get public relations pieces like this in Slashdot.
Right you are. This is just a one time pad. Its strength can be proven mathematically via information theory. To summarize, the strongest encryption is when the key is the same length as the plaintext, so a large key (such as a jpeg of a person) is inherently stronger than a smaller one.
As you correctly point out, the clincher is transferring the keys in a secure manner. If you're face to face with the other person you may as well exchange memory cards containing 2 gigs of data to use as the keys. Why settle for a ~60k jpeg?
Okay, the thing is that the connection is made based on a biometric analysis of the picture taken. It is not taking a picture simply as a seed---there are better sources of entropy than that. Alice takes a picture of Bob, this is analyzed biometrically on Alice's PDA, on the basis of which a key is constructed that is compared with the biometric data of Bob's picture of Bob on Bob's phone, and vice versa.
To break this, get a suitable picture of Alice and Bob and you're done. You can however make it secure by using public key cryptography. However, this doesn't add much to standard security to public key cryptography, it only may add some weak authentication on the basis of biometric picture data. Anyway, judging from the stupid article I'd say it doesn't use decent cryptography and is entirely insecure.
Isn't it sad to be you?
Johnny Mnemonic approves of this research.
carry nearly eighty gigs of data in my head too.
Manual key exchange between two people standing next to each other: So what?
Automated key exchange between people on different continents who have never met before: Now there's a problem!
http://xkcd.com/756//
at an exponential rate. This isn't even PhD material. Yawn.
... the battery goes dead? Or an electronic component fails?
Maybe such a thing would be acceptable for the FBI, but I would not touch one unless it were absolutely reliable. Not 98% of the time, or even 99. Maybe if it were 99.99% reliable... 4 nines.