Cryptosmith

Yesterday the Digital Technology Center at the University of Minnesota (just up the street) hosted a talk by Anil Jain, who has done a lot of work on pattern matching, biometrics in general, and fingerprints in particular.

Most of the talk was a typical biometrics briefing: what it’s about, how the technology works, the problems it’s supposed to solve, and so on. Toward the end he presented several interesting things that were more or less new to me:

1. A recent paper on which Jain is 3rd co-author seems to claim that the classic ’12 point match’ with a latent print could have an error rate of about 1 in 4,400.

2. If you have a collection of “fingerprint patterns” for biometric matching, you can indeed use the patterns to build fingerprint images that match those patterns. This is something that many biometric companies have claimed to be impractical, if not impossible.

3 . A student of Jain’s is working on practical techniques to ‘hash’ fingerprint patterns. Such a hash would allow a system to match a fingerprint to a hashed pattern, yet not provide the right information for constructing a matchable fingerprint.

Overall, Jain’s talk was clearly that of an enthusiast, or more specifically, one who is heavily invested in the concept and technology. He provided the obligatory slide to point out where the vulnerabilities are, or could be, in such systems. His own focus is on the pattern matching and how to make that part as reliable as possible.

So far, the DTC has not yet posted Jain’s slides. Generally they post such things here. Most of the generic slides also appeared in this earlier talk. Below, I’ll try to track down what I can of the interesting stuff.

Hacking Fingerprint Patterns

Many moons ago, I got into an argument with a biometrics vendor about this: they were storing fingerprints as compact patterns that simply described minutiae, and they claimed that this was perfectly safe from a privacy standpoint. They claimed it was simply impossible to reconstruct a fingerprint from the pattern.

Now, impossible is a big word. In security, there’s almost always a way to exploit some information like this. For me, it’s always seemed obvious that you could take minutiae and build an image that, when scanned, would match the minutiae. That’s obviously not the same as reconstructing someone’s “ten card” fingerprint record from minutiae patterns. That would be the worst possible case.

On the other hand, if you can build any sort of matchable pattern, then you can impersonate the fingerprint’s owner.

I guess I should be satisfied that it took a Ph.D. dissertation to solve the problem, though that’s not usually a satisfactory definition of impossible in this world.

The paper describing how to create ridged fingerprints from minutiae, by Arun Ross, Jidnya Shah, and Anil Jain, was published in IEEE PAMI (Pattern Analysis and Machine Intelligence) last April.

I haven’t found anything specific on fingerprint hashing co-authored by Jain, but I did find a reference to a paper in Pattern Recognition Letters from last December.

Fingerprint reliability

Jain was third co author of a very interesting paper that looks at fingerprint error rates. Jain’s talk noted that in 1911 Scientific American claimed that identical fingerprints should only happen every 10⁴⁸ years. Unfortunately, nobody can figure out how the author of that old article arrived at that number.

Forensic fingerprint matches require matching up those minutiae, the little spots where the print’s ridges start, end, or split. The relative locations are specific to individual fingerprints. The FBI used to believe that you only had to match up 12 of them between a “latent print” from a crime scene and a criminal’s print on file.

Apparently the current standard is higher than 12.

The recent paper, by Zhu, Dass, and Jain, describes research in which certain 12-point matches fail in 1 out of 4,400 cases. This is disturbing when you think about how many people have been convicted in past decades based on 12-point matches.

Jain’s talk noted the 2004 arrest of Brandon Mayfield, an Oregon lawyer. Mayfield was implicated in the Madrid terrorist bombings through a latent print lifted from a plastic bag. Jain displayed a slide showing the latent print along with a “12 point match” to a print from Mayfield’s “10 card” fingerprint record. Mayfield had been fingerprinted while an officer in the US Army – not the usual background for a terrorist. In late 2006, the US government settled a lawsuit filed by Mayfield for wrongful arrest and imprisonment.

Posted under Security | No Comments »