date: sun, 25 jan 2009 03:33:10 -0500 from: steven j klein subject: england's nhs loses patient...
TRANSCRIPT
![Page 1: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/1.jpg)
Date: Sun, 25 Jan 2009 03:33:10 -0500From: Steven J Klein <[email protected]>Subject: England's NHS loses patient data: bad news, good news, bad news
Bad news: A National Health Service employee lost a flash drive containing personal information of up to 6,360 patients.
Good news: The data on the flash drive was encrypted.
Bad news: The password was written on a sticky-note attached to the drive.
Paraphrased from the *Lancashire Evening Post*
1
![Page 2: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/2.jpg)
2
Neo: I suppose the most obvious question is: how can I trust you?
The Oracle: Bingo! It is a pickle. The bad news is that there’s no way if you can really know whether I’m here to help you or not, so it’s really up to you . You just have to make your own mind to either accept what I’m going to tell you, or reject it.
![Page 3: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/3.jpg)
“Have I reached the party to whom I am speaking?” -- Lily Tomlin as Ernestine
3
![Page 4: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/4.jpg)
FIPS-181* Password Gen StandardPassword Score (Mac OS X)
Chester WEAK
blibdonbiz FAIR
gothignuhoiv FAIR
gothignuhoiv$ GOOD
Gothignuhoiv GOOD
Gothignuhoiv$ EXCELLENT
tapes8(Lynne EXCELLENT
cusmannyukjagomm GOOD
4
* http://www.itl.nist.gov/fipspubs/fip181.htm
![Page 5: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/5.jpg)
Leaky Authentication #1 *
Welcome to XYU Computing Services
Enter Username: foople
*** Unknown Username – Retry
Enter Username: _
5* -- Adapted from Pfleeger & Pfleeger
![Page 6: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/6.jpg)
Leaky Authentication #2*
Welcome to XYU Computing Services
Enter Username: foople
Enter Password: *******
*** Authentication Failed
*** Attempt 1 of 3
Enter Username: _
6* -- Adapted from Pfleeger & Pfleeger
![Page 7: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/7.jpg)
Leaky Authentication #3*
Enter Username: fopple
Enter Password: *******
*** Authentication Failed
*** Attempt 1 of 3
Enter Username: foople
Enter Password: *******
*** Authentication Succeeded
Welcome to XYU Computing Services
->
7* -- Adapted from Pfleeger & Pfleeger
![Page 9: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/9.jpg)
Schneier on Passwords
Simply, people can no longer remember passwords good enough to reliably defend against dictionary attacks, and are much more secure if they choose a password too complicated to remember and then write it down. We're all good at securing small pieces of paper. I recommend that people write their passwords down on a small piece of paper, and keep it with their other valuable small pieces of paper: in their wallet.
9
![Page 11: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/11.jpg)
Radica’s Password Journal
11
![Page 12: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/12.jpg)
Schneier on Passwords
Simply, people can no longer remember passwords good enough to reliably defend against dictionary attacks, and are much more secure if they choose a password too complicated to remember and then write it down. We're all good at securing small pieces of paper. I recommend that people write their passwords down on a small piece of paper, and keep it with their other valuable small pieces of paper: in their wallet.
12
NO !!!Passwords aren’t the answer for all system authentication needs
![Page 13: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/13.jpg)
CAPTCHAS
• "Completely Automated Public Turing test to tell Computers and Humans Apart.”– Luis von Ahn, Manuel
Blum, Nicholas J. Hopper (all of Carnegie Mellon University), and John Langford (then of IBM) in 2000
13
![Page 14: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/14.jpg)
14
![Page 15: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/15.jpg)
What you have: Security Tokens
15
![Page 16: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/16.jpg)
One-time password w/ clock
16
![Page 17: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/17.jpg)
One-time password using an iterated Hash function
17
![Page 18: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/18.jpg)
Iterated password allows a simple attack if Alice fails to authenticate the server
18
![Page 19: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/19.jpg)
ISO SC27 Example
19
![Page 20: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/20.jpg)
ISO SC27 Attack 1
20
![Page 21: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/21.jpg)
ISO SC27 Attack 2
21
![Page 22: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/22.jpg)
Protocol Design Gotcha’s
• Replay attacks• Reflection attacks• Oracle / Dictionary attacks• Extra participants
Best advice: Don’t design your own if you can avoid it!Use a standard, well-vetted protocol instead!
22
![Page 23: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/23.jpg)
What you are: Biometrics
23
![Page 24: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/24.jpg)
Identity is always driven by our senses, each with variable levels of accuracy
![Page 25: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/25.jpg)
Of course, choosing which sense to use in any given identification situation is subject to– Environment– Etiquette– Local laws
![Page 26: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/26.jpg)
Sight and Sound
• With speech, we believe we know who we’re talking to because – We may recognize their voice (fairly strong
authentication, but subject to colds, etc.)– We called them on the telephone and we that we
reached the right person (uhm, well maybe ... )– They called us on the telephone and assume they
are who they say they are (uhm, well ...)
26
![Page 27: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/27.jpg)
Sight Only
• We may be able to see the person (strong authentication, but subject to haircuts or hair coloring, tans, aging, weight loss, etc.)
• With the written word, we believe we know who is “talking” to us because– the publishers must have checked …– that’s their logo on the webpage …– the label on that watch really says Rolex™, but it’s just
printed small … right?– surely not all of those Nigerian emails are fraudulent
27
![Page 28: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/28.jpg)
Touch
• Embossed seals on paper• Highly-developed tactile senses of sight-
impaired folks
28
... But awkward to do quickly or with the general public
![Page 29: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/29.jpg)
Smell
Humans aren’t particularly good at this one– “I know that perfume”– “Gee, your hair smells terrific!”– “Uhm, could you stand over there?”
29
Again, tough to do with the general public, but there is ongoing research ...
![Page 30: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/30.jpg)
Taste
Beyond identifying basalt samples in the “lick lab” of Geology 101, Humans just aren’t gifted here.
30
![Page 31: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/31.jpg)
Credibility of Identity Varies
• Depends upon context and environment• May be influenced by others• May change from day to day• May be misled by disguises
31
![Page 32: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/32.jpg)
Old ways of establishing identity
Before the digital age, these were based upon physical things/actions or sensory inputs.
![Page 33: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/33.jpg)
Is digital identity an improvement?
![Page 34: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/34.jpg)
Are strong biometrics the answer?The ones that work best scare people the most
Plus, they are hard to obtain without getting up close
![Page 35: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/35.jpg)
And they’re really personal!
35
![Page 36: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/36.jpg)
Why are biometrics scary?Biometrics cannot be replaced
– most biometrics are not a secret – once compromised, compromised forever
What if a biometric is used for cross matching?– Biometrics collected for one application can be
shared to retrieve other private information (health care, law-enforcement, financial background)
![Page 37: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/37.jpg)
Biometrics Challenge
Can we find a technique which permits us to safely replace biometrics as easily as a stolen credit card ?
![Page 38: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/38.jpg)
38
One solution is to use Cancelable Biometrics• Intentional repeatable
distortion– alters signal but still in
correct format– generates a similar signal
each time
• Compromised scenario:– a new distortion creates a
new biometrics
• Comparison scenario:– different distortions for
different accounts
© New Yorker Magazine (Charles Addams)
![Page 39: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/39.jpg)
39
Hash Functions : Ideal for passwords and text
33B21856A91D2FBB5BC4144C69B23F85
FIRE ALL LINUX PROGRAMMERS
43C08679B2FD54C65467DDCC9C00AD49
1 character difference
65 bitsdifference !!
SHA
HIRE ALL LINUX PROGRAMMERS
SHA
Can we simply hash a fingerprint?!
![Page 40: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/40.jpg)
40
Hashing : Doesn’t work for biometrics
26 pointsmatch
Don’t match at ALL !!F313C86188DDE96bD48AD5
8CDECDB9E8
SHA
80BC979099C2FA643E4C54
32A03E01B8
SHA
15 pointsdon’t match
OK
![Page 41: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/41.jpg)
Encryption vs. Distortion
41
Encryption Intentional Distortion
Encrypted signal does not resemble original.
Transformed signal looks like a normal signal.*
Original is recovered after decryption.
Original signal is generally not recoverable.
![Page 42: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/42.jpg)
What we need is a way of moving around in the space of a class of biometric data in an irreversible manner
ONE WAY
MAPPIN
G
![Page 43: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/43.jpg)
43
Open issuesPractical:
Will this solve fake input (fake finger, fake face)?– No, if we have access to the transform database
Where do we store the transform?– server– smartcard/card
Theoretical: How many distortion transforms are possible for a given biometrics?
Is the original signal reconstructible from a set of distorted versions?
Technical: Which distortion transform model is better: signal or feature?
– possibly a combination of both
How will the error rates change?
![Page 44: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/44.jpg)
44
XY Permutation (feature domain)block scramble
>> points positions are distorted rather than whole image <<
![Page 45: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/45.jpg)
45
Radial Permutation Transform
7
7
sector scramble
![Page 46: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/46.jpg)
46
Direction Field Transformsurface warp
![Page 47: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/47.jpg)
47
Impact on PerformanceBEST
WORST
Selection of possible error tradeoffs
more imposters get in
genuine person more often rejected
![Page 48: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/48.jpg)
48 25 October 2006
Fingerprint example: two impressions
Registration based on “core” and “delta”
Original 1 Original 2
![Page 49: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/49.jpg)
49 25 October 2006
Distorted versions still appear similar
Distorted 1 Distorted 2
![Page 50: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/50.jpg)
50 25 October 2006
Fingerprints mostly matched by “Minutiae”Finding minutiae
Livescan Input Enhancement
Match ridge endings and bifurcations between prints and evaluate
![Page 51: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/51.jpg)
51 25 October 2006
Minutiae of distortions match, but not to original
Original 1 Distorted 1 Distorted 2
no match match
![Page 52: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/52.jpg)
52 25 October 2006
Real example: two images of the same face
![Page 53: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/53.jpg)
53 25 October 2006
Registration and Distortion
![Page 54: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/54.jpg)
54
Cancelable Biometrics: ExampleTwo images of the same face
repeatable distortion
DON’TMATCH
DON’T MATCH
MATCH
MATCH
![Page 55: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/55.jpg)
55
Distortions have limits
![Page 56: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/56.jpg)
Cancelable Biometrics in the Marketplace ?
The company genkey has an product called BioHash® SDK .
http://www.genkey.com/en/technology/biohashr-sdk
56
![Page 58: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/58.jpg)
Coin Flipping Protocol*
58
1 Alice & Bob generate public-key/private-key pairs2 Alice creates 2 messages, one for heads and one for tails. Alice encrypts them
both with her public key and sends them to Bob in random order:EA(M1), EA(M2)
3 Bob chooses one at random, encrypts it with his public key and returns it to AliceEB(EA(Mn)), where n or 1 or 2
4 Alice can’t read it, but decrypts it with her private key and returns it to BobDA(EB(EA(M)))=> EB(M1) or EB(M2)
5 Bob decrypts the message to reveal the result (heads or tails) and sends to Alice6 Alice reads the result and verifies the string is correct7 Alice and Bob reveal their key-pairs so that both can verify the other didn’t cheat
Works only if PK algorithm is commutative: DA(DB(EA(EB(M)))) = DB(DA(EA(EB(M))))
* Adapted from Schneier, pp. 90-91
![Page 60: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/60.jpg)
Zero Knowledge Example 1
How can I prove to you that I know where Waldo is in the picture, without giving away his specific position?
Start with a sheet of paper much larger than the picture, cut a small hole in it, and place the hold over Waldo.
The viewer can see Waldo, but cannot be sure how the picture is positioned under the cover.
60
![Page 61: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/61.jpg)
61
![Page 62: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/62.jpg)
62
![Page 63: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/63.jpg)
Zero Knowledge Example 2• Alice says she can count the # of leaves on a tree.• Bob selects a tree, and tells Alice to look away.• Bob says he will pick between 1 and 100 leaves from the tree.• Bob tells Alice to turn around.• Alice correctly tells him how many leaves he picked. The
probability of Alice guessing correctly is 1/100.• They repeat the cycle, and Alice is correct again, while the
probability of guessing correctly twice (independently) is 1/10000 !• The more times they repeat the cycle with Alice answering
correctly, the less likely it is that she is guessing.• THEREFORE, Alice must be able to count the leaves on the tree!
63
![Page 64: Date: Sun, 25 Jan 2009 03:33:10 -0500 From: Steven J Klein Subject: England's NHS loses patient data: bad news, good news, bad news Bad news: A National](https://reader035.vdocuments.site/reader035/viewer/2022062806/5697bfd01a28abf838caa73f/html5/thumbnails/64.jpg)
ZK Example 2: Proving knowledge of a private key*
64
1 Alice says she knows Carol’s private key and wants to prove it to Bob without revealing it OR decrypting anything encrypted with Carol’s keys. Carol’s public key is e, private key is d, and RSA modulus is n .
2 Alice and Bob agree on a random k and m such that km = e (mod n)
3 Alice and Bob generate a random ciphertext, C.4 Alice computes, using Carol’s private key:
M = Cd mod n and then X = Mk mod n and sends X to Bob.5 Bob confirms that Xm mod n = C , and if it does, he believes Alice.
* - simplified, from Schneier pp.548-549