"We take people's fingerprints because we think they might be guilty of something, not because they want to use the library." ⇒
21 May 2005, late afternoon
Not in America -- suckers. This link was found via Boing Boing.
This is a post from my link log: If you click the title of this post you will be taken to the web page I am discussing.
quote:
Naperville library officials said the technology cannot be used to reconstruct a person’s actual fingerprint. The scanners … use an algorithm to convert 15 or more specific points into a unique numeric sequence. ... West said the numeric data cannot be cross-referenced with fingerprint databases kept by the FBI or state police.
:endquote
It sounds like some thought went into how it works, i.e. they store “hash”-like values instead of the actual fingerprint (much like how text passwords work). However, if you have a real fingerprint, can’t you just “hash” it and then scan through all the records to see if you get a hit? If so, then you have a name, i.e. it is theoretically possible to still match a fingerprint with a person even though an actual copy of the person’s fingerprint is never stored by the system.
by Ryan on May 22 2005, 12:33 am #
the text password thing is a good analogy. Like you said, a function that drops data is proof against back-reconstruction, but you can still run a dictionary attack on it.
I guess it would depend on exactly what you wanted to do. If you specifically wanted to point to a library record (hashed value) and say “who is this?”, then you’d have to throw tons of known fingerprints at their algorithm and see if any matched the hashed value. That’d be hard.
by Weiguo on May 24 2005, 6:17 pm #
There are a few interesting things you could try that are quite reasonable.
1) Suppose you have fingerprints from a crime, but they aren’t on files of the authorities.
Suppose half the town uses the public library (and, thus, the library has a “hash” of half the town’s fingerprints).
Now, certain US government legislation makes it “easier” to obtain library records. So suppose also that the library’s records are available to the authorities. They can now “hash” the fingerprints from the crime scene and if they get a hit from the library’s records then they have the culprit.
Voilà, 50% chance of determining who did it (assuming all other things being equal). Half of all crimes involving fingerprints are “trivial” to solve now.
(I’m sure someone will say is it really a bad thing to do this and solve a crime? But if that was the case then why don’t we cut out the middle man and force everyone to be preemptively fingerprinted by the police when they are young).
2) The dictionary attack that you suggested.
There are 6 billion people in the world (give or take).
There are ~ pi * 10 million seconds in a year and processors are around 3.8 GHz these days (give or take). So n = 100 computers (CPUs) can perform 12 billion billion operations in a year.
Suppose it takes 2 billion operations to read a fingerprint record, “hash” it, then compare to the library’s records.
Then you can do a dictionary attack for everyone on the planet in a year.
If a year is too long then just buy more computers (i.e. Use n = 5000 CPUs to do the search in a week).
If you don’t like my assumption of 2 billion operations per comparison – while I don’t think it is that far off from the reality (at worst it should be off by less than a factor of a thousand) … just change n, the number of computers, and the value of n is still reasonable (i.e. $1000 per CPU => 1000 CPUs = $1 million … affordable for a government, organized crime network, etc.).
by Ryan on May 25 2005, 6:49 am #
I didn’t mean it ( 2) ) would be hard re: processing ops. I meant it would be hard because you don’t have 6 billion fingerprint records (softcopy) that you can just hash up. And converting 6 billion from “hardcopy” to soft is hard.
by Weiguo on May 25 2005, 3:52 pm #
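Added example (not part of the original post or its comments): a Python sketch of the matching scenario discussed above. It shows that an unkeyed template “hash” can be recomputed by anyone who holds a print and knows the algorithm, while a keyed one (HMAC) cannot be matched without the library's secret key. It assumes the scanner's output is exactly repeatable; the point encoding, function names, patron names and key are all constructed for illustration and are not the vendor's actual algorithm.

```python
import hashlib
import hmac

def encode(points):
    # Canonical bytes for a set of (x, y, angle) points; sorting makes the
    # result independent of the order in which points were extracted.
    return ";".join(f"{x},{y},{a}" for x, y, a in sorted(points)).encode()

def unkeyed_id(points):
    # Deterministic and public: anyone with the algorithm gets the same value.
    return hashlib.sha256(encode(points)).hexdigest()

def keyed_id(points, key):
    # Same input, but the output depends on a secret only the library holds.
    return hmac.new(key, encode(points), hashlib.sha256).hexdigest()

def build_index(patrons, id_func):
    # What the library stores: identifier -> patron record, no raw print.
    return {id_func(points): name for name, points in patrons.items()}

def who_is(index, points, id_func):
    # Hash a print with id_func and look for a matching stored record.
    return index.get(id_func(points))

# Constructed sample data (not real minutiae).
PATRONS = {
    "patron-A": [(12, 40, 90), (33, 18, 45), (57, 62, 130)],
    "patron-B": [(9, 71, 10), (48, 25, 200), (60, 60, 315)],
}
LIBRARY_KEY = b"constructed-demo-key-held-only-by-the-library"

def demo():
    found = PATRONS["patron-B"]  # a print obtained somewhere other than the library
    plain = build_index(PATRONS, unkeyed_id)
    keyed = build_index(PATRONS, lambda p: keyed_id(p, LIBRARY_KEY))
    return {
        # Records alone are enough to put a name to the print.
        "records_only_vs_unkeyed": who_is(plain, found, unkeyed_id),
        # Records without the key: no match, with or without a guessed key.
        "records_only_vs_keyed": who_is(keyed, found, unkeyed_id),
        "wrong_key_vs_keyed": who_is(keyed, found, lambda p: keyed_id(p, b"guess")),
        # The library itself (or anyone given the key) still matches.
        "with_key_vs_keyed": who_is(keyed, found, lambda p: keyed_id(p, LIBRARY_KEY)),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

Keying only moves the problem: if the key is handed over together with the records, the keyed index is as matchable as the unkeyed one.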