> my guess is that fingerprint scanners don't produce the exact same output every > time a finger is scanned (similar to what an image scanner might see). Hash > functions should produce completely different output if only a single bit is > changed, making comparison with a stored value at least a very hard problem > if not impossible.
Shifting data from a the sensor would make any bit-for-bit comparison impossible regardless of hashing, so there is some kind of additional calculation being done to get to a bit-for-bit comparison. Vaguely analogous is music recognition software (ala Shazam), which develops a series of tonal signatures for a piece of music: it's impossible to recreate the original song from the signatures, but it can still match with high confidence. Conjecture conjecture conjecture, of course. Hah. I'm just trying to consider how fingerprints can be used without the threat of revealing/reconstructing/hijacking the fingerprint itself ...
-- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
