Ask / Submit

Revision history [back]

click to hide/show revision 1
initial version

posted 2018-06-01 13:27:39 +0200

I really don't know how it is done. But if I would implement it, I would create some sort of key from the scanned device and would use a one-way cryptographic algorithm to encrypt this key and store that as password (exactly the same way a password is stored for a user on unix systems). On using the fingerprint sensor, the system generates the key from fingerprint data and encrypts it at then compares that result with the stored data. I it matches, the system will unlock. This way no fingerprint is stored anywhere and it shoudln't matter if Google or the NSA gets the encrypted representation of my fingerprint.

I really don't know how it is done. But if I would implement it, I would create some sort of key from the scanned device fingerprint and would use a one-way cryptographic algorithm to encrypt this key and store that as password (exactly the same way a password is stored for a user on unix systems). On using the fingerprint sensor, the system generates the key from fingerprint data and encrypts it at then compares that result with the stored data. I it matches, the system will unlock. This way no fingerprint is stored anywhere and it shoudln't matter if Google or the NSA gets the encrypted representation of my fingerprint.

I really don't know how it is done. But if I would implement it, I would create some sort of key from the scanned fingerprint and would use a one-way cryptographic algorithm to encrypt this key and store that as password (exactly the same way a password is stored for a user on unix systems). On using the fingerprint sensor, the system generates the key from fingerprint data and encrypts it at with the same algorithm and then compares that result with the stored data. I it matches, the system will unlock. This way no fingerprint is stored anywhere and it shoudln't matter if Google or the NSA gets the encrypted representation of my fingerprint.

My answer is: no it doesn't necessarily have to.

I really don't know how it is done. But if I would implement it, I would create some sort of key from the scanned fingerprint and would use a one-way cryptographic algorithm to encrypt this key and store that as password (exactly the same way a password is stored for a user on unix systems). On using the fingerprint sensor, the system generates the key from fingerprint data and encrypts it with the same algorithm and then compares that result with the stored data. I it matches, the system will unlock. This way no fingerprint is stored anywhere and it shoudln't matter if Google or the NSA gets the encrypted representation of my fingerprint.

My answer is: no it doesn't necessarily have to.

I really don't know how it is done. But if I would implement it, I would create some sort of key from the scanned fingerprint and would use a one-way cryptographic algorithm to encrypt this key and store that as password (exactly the same way a password is stored for a user on unix systems). On using the fingerprint sensor, the system generates the key from fingerprint data and encrypts it with the same algorithm and then compares that result with the stored data. I If it matches, the system will unlock. This way no fingerprint is stored anywhere and it shoudln't matter if Google or the NSA gets the encrypted representation of my fingerprint.