1

I'm working on anonymous system that requires pre-registration. Pre-registration procedure involves fingerprint scanning to determine if a person has registered (to prevent more than one registration of one person). The thing is, owner of scanner is not trusted and can be interested in "multiregistration". So, he can publish random data disguised as fingerprint data. I need a fingerprint scanner that sign output data with secret key. I tried to google but can't find something suitable.

  • Output data can be fingerprint minutiae data or LSH of this data (preferably LSH).
  • Scanner must sign output data automatically (preferably RSA) using its own hardware resources.
  • Secret key must be embedded in scanner by manufacturer and can't be extractable.
  • Secret key can be exclusive for each scanner or be the same for one manufacturer or similar models.

Is there scanner like described? Scanner scheme

Vlad Koshelik
  • 11
  • 2
  • Where is the output data coming from, and where is it going to? – peterh Sep 25 '20 at 16:33
  • @peterh-ReinstateMonica The output data is coming from scanner and going to computer. – Vlad Koshelik Sep 25 '20 at 17:15
  • The fact that there are no trivial/well-trodden/popular/widespread solutions to this interesting problem is a large red flag. An open-source, transparent, proven hardware stack would be the only way to have confidence that you've correctly implemented a design like this. Any manufacturer that offers an obscure solution, private APIs, SDK under NDA or similar, is not subject to the firehose of security testing open devices eventually receive. This means that even such solutions contain no backdoors, they may have exploitable mistakes your stereotypical attacker can use to circumvent you. – i336_ Sep 30 '20 at 13:51

0 Answers0