Ever since the iPhone 5S was released 12 months ago, biometric “security” has been a lot more widely implemented. Apple’s Touch ID brought fingerprint scanning directly to hundreds of millions of smartphone users, and within 6 months, indirectly to millions more via a raft of me-too smartphones from Samsung and the like.i While Touch ID’s functionality was limited in iOS 7, as of last week’s iOS 8, your fingerprint can now act as your Master Password, acting as a “password” for everything from e-mail to Amazon to, yes, your Bitcoin wallet. As you read this, untold flocks of shepherdless sheep are hopping aboard the USS Touched.ii
Naturally, as with anything dumbed down for mass market, be it beef or buildings, Touch ID is complete and utter shit.iii In fact, you can hack it with a dab of Elmer’s glue.iv But that could hardly stop The Corpse That Steve Built from forging ahead with more biometric bullshit for its upcoming Apple Watch, which will feature infrared and visible-light LEDs and photodiodes to measure your heart rate.v Whether this is plain stupidity or outright malpidity is left to the reader’s discretion.
But maybe all is not lost! Maybe it’s possible that biometric data has more productive uses for smartphones and smartwatches? Let’s lift the covers of history and peek back to February 2013, a full 7 months before Apple released the iPhone 5S, to one illuminating conversation in particular.
This discussion of biometrics was gifted to us in the comments section of Mircea Popescu’s “The greatest smartphone app…” and contested between the article’s author and #b-a‘s resident mad scientist, Stanislav Datskovskiy. The context is that MP proposes that photographs of the iris could be used by smartphones to seed RNG for PGP key generation, a potential ce qui rachète for biometric scanners. Stan plays foil:
SD: When a compromised camera or other device in the loop lifts the photo of your iris right off the wire, where do you go to get a new iris? This is why biometric authentication is bunk, now and forever: the impossibility of key revocation.vi
MP: Ah but mind, this isn’t biometric authentication at all. The use of the iris data is simply to seed a RNG. (And, I guess, in the expanded version to recognise that the same iris is looking at is as was recorded when the key was born. Seeing how the recognition is tied to the dongle and only good for an otherwise arbitrary key, it doesn’t really hit the problems you’re describing, does it ?)
SD: The problem exists in all cases where data derived from your body structure hits a wire. If it is on a wire, something can, in principle, read and save it. And play it back at a later time. And eventually will. Whether you are using it as a PRNG seed or the key itself does not matter.vii
MP: No, actually, that’s the very definition of a hash function, in that context : a function which takes something that matters and turns it into something that doesn’t matter. As long as there’s not an inverse f’ (y) = x, as long as you can’t then take the results and reconstruct the PRNG’s seed, it’s indifferent what it was seeded with I daresay.
SD: If it doesn’t matter what you seed with, why use iris scanners? The point of doing so is, as I understand it, to be able to re-create the seed at a later time if necessary. But when you scan your retina, the resulting bits are not magical un-copyable bits. They are ordinary bits, which can be saved, covertly, to a storage device (perhaps by a compromised scanner) and played back at a later time by the enemy, just as if you had voluntarily lent him your eye. Whereas conventional passwords and keys can be revoked should you find that they were compromised.viii
MP: Cause they contain a lot of entropy (I think). What can you do to get enough entropy for a 2-4k RSA key out of a single 1-2-5 Mpixel shot ? Take a picture of drywall?
The idea isn’t to recreate the seed at all, in fact I’d be very much surprised if two self-administered shots to the eye would result in even identifiably similar items. Maybe worth some bathroom experimenting, finally we have a good excuse to do what the chicks do in there. FOR SCIENCE!
Obviously all this iris picture taking may present some side risks, such as for instance a perv acquiring a large collection of people’s irises (much in the same way large scale self-shot booty has resulted in humongous private collections of tits and asses).ix It’s not entirely clear to me this is actually a bad thing : having large volumes of irises available in public would actually constitute great protection against any future Leviathanesque attempt to use them seriously.
SD: Still shots of an iris are actually mostly worthless, because serious iris scanners look for a pulse and the characteristic deformations. So the key in this case consists of a sequence of frames, showing correctly pulsating blood vessels. I like your scheme of posting iris shots voluntarily to destroy the possibility of their use in earnest, but you will need to post the kind of bits which actually come out of a professional ($10K+) iris scanner, rather than still shots.x
High-quality entropy itself, on the other hand, is quite cheap, if you know where to look (lava lamp plus Von Neumann’s unbiasing algorithm.) Or a noise diode (included on many PC chipsets, and certain embedded CPUs.) Or, for the truly classy, a Geiger tube.
MP: You don’t get that many bits out of a lava lamp tho. But at least for the Japanese Geiger tubes are probably much better a solution than what I propose.
SD: Iris scanners aren’t entirely useless. They are just what the doctor ordered for controlling entrance to a guarded facility, where an actual human will fire a rifle at you if you tarry by the door and try to take apart the eyepiece in an attempt to get at the wiring and inject false bits. Or for identifying captured prisoners, just the same as traditionally done with fingerprints. But biometric-anything is absolutely worthless in application to gadgets which can be diddled at one’s leisure at home. The enemy can simply remove the optics and inject a previously captured bitstream (downloaded from your compromised scanner, or one in a public place,) and there will be no way for the machine on the other end of the network to know about it.
Re: Geiger tubes: you can get arbitrarily many bits of entropy from background radiation, depending on your timer resolution.
MP: It’d have to be a good tube for resolution to be settable quite that arbitrarily. But that aside : it’d seem superficially that the cost of injecting captured bitstreams into some dood’s gutted phone is larger than both the likely revenue and than the other already available means to achieve the same end.
The idea was for practical, cheap and relatively sound crypto for mass consumption, not for indefeasible crypto.xi
SD: The entropy one gets from the Geiger tube comes in the time dimension (i.e. the periods between clicks.) Virtually any tube will do. Sample using a digital counter which shifts its output to a register (and clears) upon each click. Afterwards don’t forget to apply Von Neumann unbiasing. If you want very high resolution, build the circuit from multi-GHz emitter-coupled logic. (Total cost: $50 or so.) The low bits will be highly entropic. For a very high bit rate, obtain a small radioactive source (a standard smoke detector capsule will do nicely.)
SD: Retinal scanners (and fingerprint readers) are a terrible idea for mass consumption – not only due to the irrevocable keys, but from the illusion of security (thanks, Hollywood) that they bring. A cheap biometric sensor is in fact worse than the state of the art re: passwords and such. Witness how few commercially-sold fingerprint readers pass the “sausage test.” You get what you pay for, and consumers are not prepared to pay for serious hardware.xii
I think you’ll agree that this conversation was too valuable not to memorialize. As we now see, digital security on smartphones and and smartwatches cannot under any circumstances include biometrics.
Hey Apple/Samsung, see you next September 26.
___ ___ ___
- Apple, now Jobless and very, very soulless, is playing out some kind of Shakespearean tragicomedy by copying its copying competitors with its me-too iPhone 6 and 6 Plus. Seriously, the next computing hardware artist can’t come soon enough. [↩]
- Don’t know what it means to be “touched” in ye olde British English? Look it up. [↩]
- Regardless of what fucktards like Brian X. Chen at the New York Times think, one day, Apple will publicly apologize for their Touch ID scam. “We didn’t think we had to read Trilema (or Contravex)” isn’t going to cut the mustard. They simply won’t be able to bury their head in the sand any more than ICBC, GS, and TD can after Shellshock, Heartbleed, etc. Their day will come. And on that fateful day, preferably on a September 26 of some future year (but any day will do), they’ll come grovelling to Mircea Popescu’s feet to bow at his wicked domination of the Internet. From The Good Rabbi:
“As you probably don’t know, not for any other reason than because of your ignorance and laziness, MPEx is the only actual financial services provider connected to the Internet.
Every other group or entity that lays pretense to being both a) into financial services and b) connected to the Internet is making these claims fraudulently. Either while actually into financial services they are not in fact connected to the Internet ; or else while actually connected to the Internet what they’re doing is not financial services. Period.
Specifically included here, Paypal. While you may erroneously think, and while Paypal itself fraudulently pretends to be involved in online financial services, they are in fact not. Specifically included here as well, every pretend-bank with an “online banking” service. Specifically included here each and every Bitcoin “exchange”. Specifically included here everyone. Everyone.
Specifically excluded from there, MPEx. This because under my enlightened leadership, the market leader in financial services eschewed the PKI/https stack of shit in favour of the correct solution. Because that’s what market leaders do.
Note that this was no accident, I didn’t just so happen to stroll into the right position. MPEx eschewed the “common business practices” wilfuly, pointedly, and at the “cost” of much ire from the average engineer fucktard.” [↩]
- It’s true, using Touch ID instead of a password is like using a Circle webwallet instead of MultiBit. Or using a bored-out salami instead of a condom. [↩]
- You’ll be able to, get a load of this, send your heart rate to other Apple Watch users, who will then be able to feel your heart rate through their Watch’s “Taptic Engine.” [↩]
- As with PGP Revoke Certificates. [↩]
- This is why heart rate monitors, iris scanners, fingerprint scanners, etc. are to be absolutely fucking avoided for security and authentication purposes. The gyros, microphones, GPS and WiFi sensors in smartphones already ensure that there’s no privacy, why also compromise security? [↩]
- For stronger passwords, skip the vRTJ$%452*w and use dicelists. [↩]
- N.B. This was a year-and-a-half before Apple’s iCloud was hacked and Jennifer Lawrence (cached) became a household name (yes, even with Dad). [↩]
- The Samsung Galaxy S5, released on April 11, 2014, was supposed to have an iris scanner to allow for “smart scrolling” that would track eye movement instead of having the user swipe the screen with their finger. Then the Koreans found out that they’d have to label their smartphone as a “medical device” and thought better of it. Not that this is the last word on iris scanners. We’ll surely see them before long. [↩]
- MP proposing something for mass consumption? But… how??! [↩]
- Still waiting for the $5k smartphone and $50k desktop that are worth every single penny? Me too. All in good time! [↩]