• Natanael
    link
    fedilink
    English
    1522 hours ago

    To be fair cryptography can make a lot of that kind of private data inaccessible

    But still, this particular project is stupid and being able to use just biometrics for access is idiotic. Generating secret keys from data that is fully exposed to the public is extremely moronic.

    Biometric scanners only protect against lazy attackers, unless you literally have an armed guard next to the scanner to enforce correct scans without shenanigans

    • AtHeartEngineer
      link
      English
      921 hours ago

      Just some background on the cryptography going on:

      Its a hash of a fingerprint of your iris that isn’t used for access, it’s used for Sybil resistance, which is a bit different. You wouldn’t use this to prove you are eligible to vote, only that you haven’t voted already for a specific election.

      Under the hood, the iris scanning ball thing is just adding you to a membership registry. When you actually go to use your membership, you are generating a semaphore proof, which is a zero knowledge proof that you are in the registry with some nullification output so you can only participate in certain events some number of times (like voting once). You wouldn’t use this by itself to prove that you are eligible to vote.

      Generating secret keys from public data (iris)

      These aren’t exactly secret keys, but, yes, I agree. Also the Minority Report vibes weird me out.