Identix (IDNX) Message Board

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Technology Stocks : Identix (IDNX)

Public Reply Prvt Reply Mark as Last Read File

Previous 10 Next 10 Previous Next

To: stockman17 who wrote (19363)	12/5/2000 1:55:46 PM
From: David	Read Replies (1) of 26039

Please do not quiz me on the security architecture of smart card only schemes. I have enough trouble trying to stay on top of the biometrics. I don't think that you would have much luck trying to spoof Identix/CPQ biometrics, though. You don't try to spoof the reader, you try to spoof the fingerscan. Considering that you have to either (1) intercept and replay or (2) impersonate, you have to get around defenses at either end. The algorithm will reject the exact replay, and the fake finger detection will reject plastic casts, etc. I believe that it's possible for a system operator to disable false finger -- why, I don't know -- and that could leave that system open to impersonation attacks. At some point in the future, a PKI/biometrics system will have any given template recognized as the digital signature for a particular digital certificate. If the template is somehow compromised, the CA issuing authority just cancels the certificate, re-enrolls the proper person, and issues a new certificate. You don't have to worry about only having ten fingers when you have near-infinite numbers of potential certificates.

Report TOU Violation

Share This Post

Public Reply Prvt Reply Mark as Last Read File

Previous 10 Next 10 Previous Next