Ask HN: Approximate encryption
Is there an encryption method that can work if you only have, say, 90% of the key? (Work = the ciphertext is decrypted perfectly, as if you had the whole key.)
Rationale:
I was thinking about biometric authentication; as far as I can tell, a "detector" device compares the fingerprint / retina / whatever with a database of known biometrics and sends an "ok / not ok" signal to another system which actually grants access to a resource.
This enables two methods of attack: 1) add a fake record to the database and 2) do a MITM and send an "ok" signal no matter what the biometric detector says.
To combat that, we could encrypt the secret with the actual biometric; this way, unless you have the fingerprint / retina you can't get to the information and faking one doesn't help. Of course, given that you can't get the same reading from a fingerprint / retinal scanner, conventional encryption would be useless - hence my question.
2 comments
[ 3.6 ms ] story [ 17.7 ms ] thread