I just read schneirs latest cryptogram and it brought out a few
issues I have been thinking about for a while wrt biometrics.
at http://www.counterpane.com/insiderisks1.html he says:
"Biometrics are unique identifiers, but they are not secrets. You
leave your fingerprints on everything you touch, and your iris
patterns can be observed anywhere you look. "
Has there been any work that anyone knows of applying anonymous
digital cash style blinding algorithms to biometric databases?
Is this feasible?
ie, coupled with a passphrase or a smart card or both, can a
biometric database be constructed so that the data is blinded and
your biometric data cannot be stolen and used without knowing the
blinding factor (presumably kept safe).
