Re: Certificate profile for Biometrics information.

[Stephen Kent <kent@xxxxxxx>]

At 3:42 PM -0500 11/4/02, Sam Schaen wrote:
> Would an acceptable approach be to create a one-way function between the
> biometric data and the digest?  Similar to the hash algorithm used for
> signatures, the objective would be to make it virtually unlikely that two
> biometric captures could lead to the same digest but that having the 
> digest, it
> would not be feasible to obtain the biometric.  Certainly a hash meeting those
> characteristics could be included in a certificate without violating privacy
> concerns and without making imperonation of the biometric 
> characteristics easier
> than they currently are.
>
> -Sam

Sam,

That approach generally does not work, because a verifier needs to 
"score" the captured biometric data against the template values. 
It's never an exact match, unlike with passwords.

Steve