Biometric technologies and their security

Discussion in 'privacy general' started by Minimalist, Jul 5, 2017.

  1. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    9,780
    Location:
    Slovenia
    http://www.information-age.com/biometric-technologies-security-123467159/
     
  2. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    9,780
    Location:
    Slovenia
    https://www.pri.org/stories/2017-09-02/how-make-biometric-technology-more-secure
     
  3. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,803
    Biometrics: How to coerce the people into abandoning secure password based authentication for an insecure method that can easily be broken by the authorities while at the same time increasing the potential for surveillance.
     
  4. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,658
    Location:
    UK
    A rather salutary reminder why biometrics are a really bad authentication idea for the user (not, I trust because the particular circumstances would apply to you, but because it shows how coercion can weaken biometric protection easily), is being reported here:

    https://www.theguardian.com/world/2...fter-wife-discovers-husbands-affair-midflight

    A woman used her sleeping husband's fingerprint to open his smartphone, on which she discovered evidence of infidelity.

    More generally, this form of authentication is not treated as compelled speech as pins (possibly) are.
     
  5. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,062
    Biometrics being outside of 5th amendment would be enough for me. I do use fingerprint for my smartphone but that is like a bathroom door lock. Just keeping prying eyes away from my stuff, but no illusion it would be secure against any Gov actor.
     
  6. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,658
    Location:
    UK
    There's also the non-repudiation aspect of biometrics, and the likelihood of them trying to transfer risks of financial fraud directly on to you in cases of financial institutions. Just say No.

    On a parallel note, I am "amused" to see that Estonia has frozen their electronic ID cards because they are suffering a fundamental security flaw that could be exploited by bad actors. Actually, this is responsible on the part of the authorities.

    The reason for the amusement was that I vividly recall the reaction of the UK government at the time they were considering imposing ID cards (and worse, the National Identity Register) on an unsuspecting public - against my advice and pretty much every expert's feedback on the things. At the time (2005-2007), the officials and politicians were barefacedly assuring everyone that they were completely secure and safe, and that the NIR couldn't possibly be hacked, even though it was going to be accessible by pretty much all govt. departments.... laughable, but they still said it. It was only repealed by a change in politics, although that party went to the Dark Side with the Investigatory Powers Act.
     
  7. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,803
    @deBoetie I strongly believe the purpose of implementing biometric authentication is two fold because inherent in it's use is,
    1) The non repudiation aspect you mentioned.
    2) The ability to retrieve the authentication from an individual without their consent.
     
  8. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,062
    deBoetie and RockLobster,

    I understand your biometric observations/comments. I proceeded with use of them on my Smartphone but those biometrics will NOT allow access to my bank or real name email accounts. I never store my login passwords and my bank and email are ONLY accessed via U2F even after the login credentials. The fingerprint biometric only opens the phone to enter what I need. While I won't bet my life on it, my Pixel XL running Oreo, is not supposed to ever transmit the fingerprint data and its supposed to be encrypted ONLY locally on the device. Whether or not that is fully true is untested by me, but their stated policy is that they have NO access to my fingerprint data outside of the device itself. At the "State and Federal" level my fingerprints are completely on record anyway. I carry a weapon daily and my licensing requires annual background examinations including fingerprints by the Feds and all local LE. Just how it is in my world.

    Lastly, you likely have seen the news regarding access to the phone carried by the Murderer of those in the Texas church. They will shortly gain access to the phone anyway, so biometrics in the end will not have changed the outcome at all if they were used instead of only a password. So at the "state level" these password approaches on a smartphone at best simply slow them down a week or two. On a Linux LUKS volume its a completely different story.
     
  9. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,658
    Location:
    UK
    @Palancar - you're lucky having a bank that's supporting U2F, they seem so intent on smartphone apps and so on. One of my big bugbears at the moment is the terrifically bad Paypal situation - extremely disappointing since they were a founder member of Fido.

    It sounds in any case like what you're doing is prudent opsec, which is all that's possible with these devices, and keeping stuff you care about well away from them. As you say, it's not possible to verify that the fingerprint hash or whatever they do with it stays local; sorry to say, I don't trust that unless I could see a complete open-source hardware and software implementation which could be plugged in. So that just leaves you with opsec.

    LE moaning about locked phones strikes me as pretty absurd - it may mean they have to do some regular police work in what is an after-the-fact investigation which is very unlikely to change anything even when they have all the phone info. It's the golden age of surveillance, they'll know where he's been and who he's called in any event. And I can't see any bad guys who have planned an operation leaving anything of value on the things anyway.
     
  10. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,062
    Couple of things:

    I am always amazed that "bad guys" have absolutely everything on the very phone that they use while in the commission of their crimes. Planning, associates, everything just sitting there spoonfeeding LE with the followup steps. A grade school student would know better, but not the majority of them.

    I never checked Paypal with regard to U2F, but if they don't its a shame. I generate a virtual credit card and provide that as my link to Paypal for my account. Only Paypal has that virtual number and only the merchant "paypal" can use that account number. It is dead for any other merchant #, if Paypal gets hacked or has a bad employee the card number is useless on the open market.
     
  11. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    9,780
    Location:
    Slovenia
    https://www.forbes.com/sites/leemathews/2018/02/14/you-can-log-in-to-windows-10-with-your-veins
     
  12. brians08

    brians08 Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    81
    The only way to secure bio-metric ID is to make it more expensive to hack than the value of the resource it is protecting.
    Fingerprints are terrible because making a fake finger with someone else's print can be accomplished for a few dollars.
    Eyeball scans are better (iris, retina) but still need to be secured with expensive scanners that can't be fooled by someone holding up a picture of an eyeball.
     
  13. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    490
    This is the first time I have heard of virtual credit card.
    Where can I get one?
     
  14. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,803
    Once a fingerprint, retina scan etc has been converted to data, that is all it is, just data. The same as a password. That data is no more secure than any other.
     
  15. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,062

    I generate my virtual numbers using my bank. There are many banks that offer such a service. Steps are easy. Log into your bank and generate the virtual card using their site. The way they work is that the virtual number is linked to your REAL credit card number. Any transactions show up on the real number account. The generator creates a new number, expiration, and three digit security card exactly the same type as the actual/real number. A merchant cannot tell its a virtual number because to them its all exactly the same process as any real number. The positive elements of this procedure are that YOU set the credit limit (on a 50 dollar purchase I may set 65 bucks or something). YOU set the expiration date, and I use 2 months since the purchase is going to be online and instant. Next, and most re-assuring is the nobody has ever seen that number before and the FIRST merchant that uses the card is the ONLY merchant number for which the card will work. If somehow anybody gets that number it is useless to all but one merchant number. Next it would only have a few small dollars left on the credit limit anyway. Once my item arrives I log into my bank and blow the virtual number away and now it doesn't exit. Simple and safe.
     
  16. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,062

    See that is where I go back to U2F. The website sends a command to the U2F chip during the sign-in handshake, which contains an encrypted algo and the chip sends back a response. Only that ONE chip in the world will respond with the needed data the site is waiting for. Absent the physical "chip" you are not going to be able to respond appropriately and therefore you will remain locked out!
     
  17. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    490
    So in essence, I could create virtual, throw away cards with time limit that are valid only for that purchase?
    That's brilliant!
    Thanks :)
     
  18. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,803
    Is their not the possibility of a master chip that can unlock any account?
     
  19. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,062
    There is no master chip that I know of. The word possibility is pretty encompassing so yes there is of course some possibility. Think of the chip as a GPG key containing one side of the pair (very simplified analogy here). When the site sends piece of the encrypted stuff to the chip it will respond correctly only if the key matches. The user uploads the needed part of the key that the site will use to inquire of the U2F chip for all logins. Using Google as an example: you the user tell Google/Gmail which key will be YOUR key and provide what is needed when Google uploads from the key. Now THAT key is the only one able to correctly respond during a handshake. Similar to a hardware wallet on Bitcoin there is NO way (known anyway) for a machine to hack into the part of the chip containing the encrypted key. U2F protects the user side of the transaction. Of course if Google (in this instance) gets internally hacked then of course your account on their server would be exposed.
     
  20. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,658
    Location:
    UK
    To chip in ha ha - U2F does it properly to the extent to which there is a secret on the device and the crypto is both strong (as far as we know), and the challenge/response site specific. The site doesn't know you, it knows the response it gets back from the key - which is different than the response back to the same challenge from a different site. This is clearly crucial when it comes to privacy.

    It can also be repudiated by the owner - by destroying it, which is more than can be said for biometrics, at least not what most would choose!

    U2F can be used with a biometric backing forming the secret, but that's not a form I will accept, because ultimately the source of the secret is publicly available and the storage algorithm known, it would be security by obscurity. Earlier implementations of fingerprint solutions on Android phones even stored an image of the fingerprint available to all apps!!! The other benefit over biometrics is that it is not subject to false positives and false negatives - both of which can introduce holes or lockout.

    U2F can make account recovery more complicated because it cannot be cloned or recorded. Either you and the site have to have a backup u2f key registered, or - my preference, have a OAUTH TOTP backup option which can use secrets which can be backed up as text records. Depending on your threat model, paper OTP can also be a good option.
     
  21. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,803
    Well the reason I thought about that is, when you create a pgp key, you can create subkeys. I guess they are kinda like the way website certificates are derived from the CA root cert.
    So that makes me question, what if such a thing as preinstalled authentication keys were actually subkeys of the manufacturers master key? Bearing in mind the sneaky underhanded backdooring of eveything else, it would almost be an anomaly if these TFA keys were not that.
    I'd feel a lot happier about them if I generated the key myself.
     
    Last edited: Mar 10, 2018
  22. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,606
    If I understand it correctly, GPG master key can't decrypt contents encrypted by subkey, it just provides convenient way to revoke only the compromised subkey so that you don't need to recreate everything. Same goes for CA and trust chain, unless they directly have the server secret key, they can't decrypt connection, they can just revoke the certificate(s). The encryption and signing works differently, and it is signing that used to make trust chain.

    But I can understand your concern, especially as Yubikey went closed source. I'm not sure ROCA vulnerability could be prevented if they had kept open source, but in this case maybe not.
     
  23. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,658
    Location:
    UK
    My feeling is that, as usual, any backdooring is less likely to be in the crypto, and more in other components (e.g. RNG), or in magic challenges to the key that result in the whole set of secrets getting dumped out..... Unless you do build your key from open source all the way, you'll be vulnerable to that - and as @Yuki2718 points out, it's a real shame that Yubico has closed source elements now. The way I look at that now is that it restricts the protected systems to "commercial" standard now, not beyond. A bit like Bitlocker, for instance.
     
  24. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,803
    Its difficult to find a clear explanation of how it does actually work.
    In open key chain for example,
    You go to create key.
    You have the option to change configuration of subkeys only. No explanation of what algorithm is used to create the actual secret master key.
    BUT.
    One of the subkeys is called a master subkey, it is described as used for binding other subkeys.
    The other subkeys can be used to sign, to encrypt or to authenticate.
    I have tried to find a clear explanation of what that means exactly but so far all I found is sketchy often contradictory info, especially when you consider most documentation about public key encryption describes one public key that is used to encrypt which is derived from one private key that can be used to sign and decrypt.

    So I am still left with a lot of unanswered questions, like,
    If they are all subkeys, that suggests there is somehow also a master key, so what is it? Is that the same thing we would call the private key?
    Which algorithm is used to create the private key and why is that not a user choice option?
    Why is the encryption key, called a subkey and not a public key?
    Is there a difference between an encryption subkey, and what we might usually call the public key as in, the public/private key pair?
    What are subkeys exactly and how are they related to the public/private key pair?
    What is the master subkey and how is that related?
    What is actually used to decrypt, is it the master subkey or another, unconfigurable, private key that all the subkeys, including the master subkey are somehow derived from?

    Edit: I forgot to mention each subkey can be generated using a different algorithm, rsa2024, rsa4048, ECC f-521 etc so that suggests each subkey is itself a seperate key pair, somehow related to the master subkey which itself can use any of the algorithms, so it also must be part of a seperately generated key pair which is somehow related whatever is above it? Is that an overal master key which is never mentioned in the open key chain configuration options?
     
    Last edited: Mar 12, 2018
  25. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,606
    @RockLobster
    Yup, I haven't seen such explanation too and wanna hear from those who don't bother to examine the source code.

    Tho I haven't gone in depth of cryptography ever, public & private key have to be a pair and by quickly looking at RSA key generation algorithm, making real master key will be impossible unless prime numbers p, q are derived from the master key, but if it was done, compromise of a subkey can cause the compromise of master key too unless there's secret parameter to determine what p, q will be used in each subkey which is only stored somewhere in the master key. There might be other clever trick which can be done outside of mathematical key generation, but as long as the dev don't have malicious intention, why do bother it? It will be much more easier, more straightforward and safer just to generate each subkeys randomly and sign them by the master key. This talk seems to support it.

    Form the link, it seems in modern PGP implementation it's misunderstanding that subkeys are derived from a master key, rather when you create "a key", it's actually "keys" and they're signed mutually with the top-level signing key.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.