VodkaPundit

Security at Your Fingertips

September 13th, 2013 - 12:51 pm

How does the new iPhone 5S fingerprint security work? Like so:

Fingerprint readers can rely on a variety of different scanning technologies. The two that can be best integrated into a mobile device are an optical reader or a capacitance sensor. Optical readers are conceptually simple, using what is essentially a digital camera to take an image of your finger surface.

Capacitance readers are more complex, instead creating an image of your fingerprint by measuring the differences in capacitance between the ridges and valleys of your fingerprint. They leverage the electrical conductivity of your sub-dermal skin layer, and the electrical insulation of your dermal layer (the one where your fingerprint is). Your fingerprint is effectively a non-conductive layer between two conductive plates, which is the very definition of a capacitor. The fingerprint reader senses the electrical differences caused by the varied thickness of your dermis, and can reconstruct your fingerprint.

The Touch ID sensor in the iPhone 5s is a capacitive reader, embedded in the home button. That was a good choice on Apple’s part, since capacitive scanners are more accurate and less prone to smudgy fingers, and can’t be faked out with a photocopy of a fingerprint.

But there’s more good news:

And like the sensor in the iPhone 5S, the sensors that will be in laptops and keyboards and other phones can detect the ridge and valley pattern of your fingerprint not from the layer of dead skin on the outside of your finger (which a fake finger can easily replicate), but from the living layer of skin under the surface of your finger, using an RF signal. That only works on a live finger; not one that’s been severed from your body.

So don’t worry about a rash of thieves cutting off people’s thumbs to activate stolen iPhones.

Then there’s this from the first story:

Although details aren’t yet known, we expect that Apple uses each iPhone’s unique device code as part of the hashing algorithm. Since it’s embedded in the iPhone’s hardware, it’s effectively impossible to attack it off the device with more powerful computers; on-device attacks are much slower and more difficult.

The question remains, however: does the NSA have a back door?
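The device-bound hashing idea in the passage quoted above, as an added example that is not from the post, the quoted article or Apple: a salted, stretched secret is additionally keyed with a per-device value, so a copied salt and verifier cannot be tested without that value. `DEVICE_KEY`, the sample PIN and all function names are constructed for illustration, and the protection holds only while the device value stays secret.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

ITERATIONS = 100  # kept low so the demo runs quickly; real stretching uses far more


def derive(secret: bytes, salt: bytes, device_key: bytes) -> bytes:
    """Stretch the secret with a random salt, then bind it to the device key."""
    stretched = hashlib.pbkdf2_hmac("sha256", secret, salt, ITERATIONS)
    return hmac.new(device_key, stretched, hashlib.sha256).digest()


def enroll(secret: bytes, device_key: bytes) -> Tuple[bytes, bytes]:
    """Return (salt, verifier) as they would be stored on the device."""
    salt = os.urandom(16)
    return salt, derive(secret, salt, device_key)


def verify(candidate: bytes, salt: bytes, verifier: bytes, device_key: bytes) -> bool:
    """Constant-time comparison of the recomputed value with the stored one."""
    return hmac.compare_digest(derive(candidate, salt, device_key), verifier)


def search(salt: bytes, verifier: bytes, key_held: bytes) -> Optional[str]:
    """Check every 4-digit PIN using whatever key the searcher holds."""
    for n in range(10_000):
        pin = f"{n:04d}"
        if verify(pin.encode(), salt, verifier, key_held):
            return pin
    return None


# Constructed sample values: a random stand-in for the hardware-embedded key.
DEVICE_KEY = os.urandom(32)
SALT, VERIFIER = enroll(b"4821", DEVICE_KEY)

if __name__ == "__main__":
    # Holder of the device key (the device itself, or anyone the key leaked to).
    print("with device key:   ", search(SALT, VERIFIER, DEVICE_KEY))
    # Holder of only the copied salt and verifier, guessing at the key.
    print("without device key:", search(SALT, VERIFIER, os.urandom(32)))
```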

All Comments   (10)
Does NSA have a back door to the fingerprint reader? Is this some kind of UFIA joke?
30 weeks ago
So I cannot use my daughter's iPhone to call her dad to pick up some sugar from the store on his way home when her hands are sticky with flour making his birthday cake and my phone is dead.
31 weeks ago
Amazing. My dad did some work for a company in the late 1960s trying to develop a hand print recognition device. They weren't able to finish it as there wasn't enough computer memory. And that was a single use device.
31 weeks ago
I've been reading the same articles. Fascinating stuff. I'm feeling much better about the overall security of the device now.

But the point about using the UDID as a part of the hash, and is therefore more secure, doesn't quite ring right. Just because it's embedded in the hardware, doesn't mean it can't be used as a part of a remote attack. iOS developers are not allowed to use the UDID in any way programmatically, but I'll betcha dollars to donuts that Apple's got them all on file. And there's absolutely nothing preventing the NSA from grabbing them and throwing them into their code-cracking machines.

Maybe I'm misunderstanding the point. But it sounds suspiciously like a head-fake to me.
31 weeks ago
That's not how it works. When you set up a TouchID, iOS creates a one-way encrypted hash of the computed value from the scanner. Every time hence, the value from the scanner is hashed again, and if it matches, it unlocks. If it doesn't, no dice. The salt to generate the hash comes from the random number generator within iOS.

This is exactly how UNIX flavors have handled password security for quite some time. It is extremely effective-- the only way to crack it is to use brute force dictionary attacks against the encrypted value. This works reasonably well against weak passwords. It is virtually impossible against strong ones, and in the case of the scanner value, it is certain to be a very long, complex string that will be really, really, really hard to compromise.

Using the UDID as part of the salt would be amazingly stupid, and usually Apple doesn't do amazingly stupid things, so I wouldn't put much stock in that.

Plus, if you're the paranoid type, iOS 7 supports two factor authentication. So you can use the print and a keycode or password to unlock.
31 weeks ago
You mean "sort" not "salt".
31 weeks ago
No, "salt" is a term used for a value that is mixed with the password or other pass token for encryption. It makes certain crypto attacks against the encrypted password more difficult.
31 weeks ago
Scenario: When the iPhone 5S owner's car flipped over, his iPhone fell out of the car, a bystander picks up the phone and calls 911...

"Sorry, you are not the rightful owner."

I left my iPhone 5S somewhere and tried to locate it by calling it. A friend picked up the phone, can he answer and tell me he's got my phone?
31 weeks ago
All iPhones allow the user to dial 911 without signing in. I'm sure the 5S will be the same way.

The answer to the second question *should* be "No".
31 weeks ago
Oh, wait. Of course someone else can answer. You don't have to sign in to answer an iPhone. If you want access to any of the other components, though, you *do* have to.
31 weeks ago