Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. GnuPG>
  3. users
Biometrics
avanti at ntlworld
Oct 31, 2000, 4:09 PM
Post #1 of 3 (307 views)
Permalink
Hi,
Noting your activities regarding the GNU Privacy Guard project, I wondered
to what extent you have considered the use of biometrics for strong user
authentication? You may like to take a look at my background information
site

http://homepage.ntlworld.com/avanti

and email me if you have any interesting ideas in this context - it would be
good to see something useful being developed under the free software
philosophy, although there are perhaps some caveats as to secure template
management (see the PKI page on avanti).

Kind regards to all

Julian Ashbourn avanti@ntlworld.com






--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org
Re: Biometrics (OT) [ In reply to ]
stefan at epy
Nov 2, 2000, 3:31 AM
Post #2 of 3 (306 views)
Permalink
On Tue, 31 Oct 2000, Julian Ashbourn wrote:

> Noting your activities regarding the GNU Privacy Guard project, I wondered
> to what extent you have considered the use of biometrics for strong user
> authentication? You may like to take a look at my background information
> site

Couldn't resist:

"Biometrics are unique identifiers, but they are not secrets."

From a 1998 crypto-gram newsletter by Bruce Schneier
http://www.counterpane.com/crypto-gram-9808.html#biometrics

Regards,
Stefan

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org
Re: Biometrics [ In reply to ]
gnupg-users at gnupg
May 25, 2020, 1:24 AM
Post #3 of 3 (204 views)
Permalink
On Mon, 2020-05-25 at 10:01 +0200, Peter Lebbing wrote:
> On 25/05/2020 09:47, Micha? Górny wrote:
> > ...and that's really a good thing they can do that instead of choosing
> > a more painful way of getting your fingerprints.
>
> How is that an advantage compared to passphrases? As soon as someone
> threatens to go all XKCD 538 on you[1], just give them your passphrase.
> No need to lend them your finger, either with or without you still
> attached.
>
> If this is your threat model, you need more than encryption or
> biometrics.
>
> ... unless your whole comment was as serious as my comment about plastic
> surgery of course :-) ...

It was.

> More seriously, biometrics might be a nice deterrant to the casual
> opportunistic curious peeker. It's quick, a finger swipe takes less time
> and effort than a good passphrase. But it's not proper security in my
> book.
>

I wholeheartedly agree with you.

--
Best regards,
Micha? Górny

Attached Files:

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal