Adding Hardware Security with the CryptoCape - BeagleBone for Secret Agents

Hardware Reference

In-Depth Information

Appreciating the limitations of fingerprint

biometrics

Realize that this fingerprint sensor authentication mechanism is only as strong as your fin-

gerprint. A common critic against using fingerprint sensors centers around the fact that it is

difficult for you to change your fingerprint. Once your fingerprint is copied you can't re-

voke or change it as you can with a password. Using a fingerprint as a two-factor mechan-

ism slightly reduces the risk of an authentication breach since a pin or password is still re-

quired. You can also mitigate the risk of a fake fingerprint attack on your sensor by station-

ing an armed guard to watch the sensor as Bruce Schneier, a security technologist, stated in

a September 2013 opinion article in WIRED magazine. Such luxuries are often limited to

deep-pocketed governments.

Note

Mythbusters , a popular science and engineering program on the Discovery Channel, busted

the myth that fingerprints could not be copied and showed how to defeat fingerprint

sensors: https://www.youtube.com/watch?v=3Hji3kp_i9k . Also, days after the Apple

iPhone 5s was released, the biometrics hacking team of the Chaos Computer Club ( CCC )

showed how to bypass the fingerprint sensor: http://www.ccc.de/en/updates/2013/ccc-

breaks-apple-touchid .

Perhaps the greatest danger of biometric systems is the potential for a grave privacy breach.

A database of fingerprints should be well protected since once the fingerprints are exposed

they are no longer useful for any other biometric system, ever . In August 2014, Hold Se-

curity, an information security forensics company, reported to the New York Times that over

1.2 billion usernames and passwords were acquired by a Russian crime organization. While

incredibly damaging, this breach would be irrecoverable if fingerprint biometrics were

used. Hopefully, companies aren't storing fingerprints directly but representations of the

fingerprint similar to a hash digest. However, if implemented poorly, the results can be as

disastrous as storing the raw fingerprint.

With these warnings in mind, we will continue with using a fingerprint sensor for this pro-

ject. You'll gain insight on how a fingerprint sensor works and how to it fits into an authen-

tication system. When you are finished with this project, however, you should probably de-

lete your fingerprint from the sensor's database.

Search WWH ::

Custom Search

Home