Masterprints: synthetic fingerprints that unlock up to 65% of phones (in theory)


When the touch-sensors on phones capture your fingerprint, they're really only taking a low-resolution, partial snapshot and loosely matching it to a stored image — which is how a research team from MSU and NYU were able to synthesize their Masterprints ("a fingerprint that serendipitously matches a certain proportion of the fingerprint population"), which drastically reduce the space of possible "guesses" that an attacker has to make to unlock a phone or other device.


Other researcher have demonstrated that they can cheaply and quickly defeat countermeasures that try to establish that fingerprints are attached to living people.


The Masterprint paper lays out a bunch of different attack scenarios with different odds of success, the most optimistic being a 65% success rate at unlocking phones within the proscribed set of attempts before the OS locks up.

But the attack described is theoretical for now, and has not been validated against real phones, an obvious next step.


1) The work establishes the fact that it is indeed possible
to perform a dictionary attack on a fingerprint dataset
with substantial accuracy using a set of carefully chosen
MasterPrints. The MasterPrints can be either full or
partial fingerprints sampled from a dataset or designed
synthetically using a hill climbing method. However, the probability of finding MasterPrints from a partial
fingerprint dataset and the accuracy of the ensuing attack
are much higher than that of a full fingerprint dataset.

2) With a dictionary of 5 partial fingerprint based MasterPrints, and assuming a maximum of 5 attempts to be authenticated, it was possible to attack 26.46% users (each
having 12 impressions per finger) in the FingerPass DB7
capacitive fingerprint dataset and 65.20% users (each
having 8 X 10 (average) ≅ 80 partial impressions per
finger) in the FVC optical fingerprint at a FMR of 0.1%.
The attack accuracy varied greatly with the FMR value
and the number of impressions per finger (for details
refer to Section V.B.1).


3) It was observed that the synthetic MasterPrints, generated by a simple first-order hill climbing algorithm, are
able to improve the attack accuracy over the sampled
MasterPrints. On the capacitive dataset, the average
improvement over all FMR settings was

4%
whereas
on the optical dataset it was

3%
(for details refer to
Section V.B.2). Thus, it can be concluded that properly
designed synthetic MasterPrints can be used to perform
dictionary attack with higher accuracy.

4) The minutiae distribution of the selected MasterPrints
reveals that regions of high minutiae activity usually
occurred in the upper delta point of the fingerprints.
According to Cao et al. [9], these minutiae generally
have lower discriminative power, which may lead to a
higher imposter match rate.


5) Detailed analysis of the results reveals that even if a
MasterPrint matches with a small number of partial
fingerprints, the percentage of subjects that it matches
against can be quite high. This is because, for each subject, multiple partial prints may be stored. For example,
at a 0.1% FMR, a single MasterPrint (from the capacitive
dataset) matched only 1.4% of the partial fingerprints,
but this corresponded to 10.6% of the subjects owing
to the fact that every subject had 12 impressions. It is
clear that this risk would increase if multiple fingers
are enrolled for each subject. This observation indicates
that the number as well as the type of partial fingerprint
impressions to be stored for each finger should be
judiciously chosen such that the chance of matching with
an arbitrary finger is minimized as suggested in [37]

That Fingerprint Sensor on Your Phone Is Not as Safe as You Think
[Vindu Goel/New York Times]


MasterPrint: Exploring the Vulnerability of Partial
Fingerprint-based Authentication Systems
[Aditi Roy and Arun Ross/IEEE Transactions on Information Forensics and Security] (Sci-Hub Mirror/Requires Tor Browser)


(via /.)