Hello S. Moonesamy,
On 22 September 2015 at 20:54, S Moonesamy <sm+mu_at_elandsys.com> wrote:
> In "match-on-card" the data is sent from the fingerprint scanner to the
> card. It reduces some security (and other) issues. However, requiring a
> fingerprint match raises the question about the practical uses of the
> National Identity Card. For example, should it be required for senior
> citizens when they travel by bus?
>
Due to collagen depletion, skin elasticity decreases with age, which
can increase the difficulty of reading a fingerprint [1].
Have there been any announcements regarding future applications? Some
word argue that some of the most pressing problems in Mauritius can
not be solved by the use of a biometric smart card.
> Having a key derivation algorithm which is unknown sounds like security by
> obscurity. In practice, a person would not be able to derive the key even
> if he/she knows the algorithm.
>
Indeed, a known key derivation algorithm alone would not result in an
insecure system - that is Kerckhoff's principle [2] holds. That said,
some argue for obscurity as a layer [3].
Regards,
Dr. S. Naicken
[1]
http://icbrpurdue.org/wp-content/uploads/2014/01/2007-Impact-of-Age-Groups-on-Fingerprint-Recognition-Performance.pdf
[2]
https://en.wikipedia.org/wiki/Kerckhoffs's_principle
[3]
https://danielmiessler.com/study/security-by-obscurity/
Received on Wed Sep 23 2015 - 14:56:52 PST