I'll include as a comment my reply to an email from the reporter:

Hello,

Note that the Ubuntu security team considers fingerprints to be akin to usernames, rather than passwords. They cannot be changed, they are left on thousands of objects daily, and repeated demonstrations of sensors being 'fooled' by artificial constructions from photographs etc. basically mean fingerprints are not worth much as authentication tokens.

In the Main Inclusion Request review for fprintd and libfprint, we included:

    It's important to note that security team considers fingerprints to be akin to usernames and not passwords. Any potential issues with this tool will be treated with this threat model in mind.
    -- https://bugs.launchpad.net/ubuntu/+source/fprintd/+bug/1745455

Under this threat model, disclosure of a fingerprint is not a vulnerability.

Perhaps the fprintd or libfprintd authors will see things differently, but I suspect most security practitioners have decided that fingerprints are identifiers, not authenticators.

Thanks

** Changed in: apparmor (Ubuntu)
   Status: New => Won't Fix

--
https://bugs.launchpad.net/bugs/1822590

Title:
  Found storing user fingerprints without encryption

Status in fprintd:
  New
Status in apparmor package in Ubuntu:
  Won't Fix
Status in fprintd package in Ubuntu:
  Triaged
Status in Debian:
  Unknown

Bug description:
  Dear all,

  I would like to report a new issue as follows.

  'fprintd' saves fingerprint data, ISO/IEC 19794-2 formatted, to a file on the host without any encryption. Though fprintd generates the fingerprint image with root permissions to protect the file from attackers, this is not of itself sufficient. It has been a well-known threat model for about a decade that formatted fingerprint data can be restored to the original image. [1-4] present methods to create sophisticated and natural-looking fingerprints only from the numerical template data format as defined in ISO/IEC 19794-2. They also successfully evaluated these approaches against a number of undisclosed state-of-the-art algorithms and the NIST Fingerprint Image Software. We need improvements for those issues.

  [1] R. Cappelli et al., “Fingerprint Image Reconstruction from Standard Templates”, IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 29, no. 9, pp. 1489-1503, 2007.
  [2] A. Ross et al., “From Template to Image: Reconstructing Fingerprints from Minutiae Points”, IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 29, no. 4, pp. 544-560, 2007.
  [3] R. Cappelli et al., “Can Fingerprints be Reconstructed from ISO Templates?”, IEEE ICARCV 2006.
  [4] J. Feng et al., “Fingerprint Reconstruction: From Minutiae to Phase”, IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 33, no. 2, pp. 209-223, 2011.

  Sincerely,
  Seong-Joong Kim

--
Mailing list: https://launchpad.net/~desktop-packages