Putting all the TouchID sucks / TouchID is great questions aside, can somebody help me understand how Apple (supposedly) is calculating a hash of a fingerprint and storing that hash in the phone, not the real fingerprint?
As I understand it, the purpose of a hashing function is to create totally different output even on a very minor change in the input data, which wouldn't work that great with fingerprints... or are they just using a clever hashing function which tries to somehow normalise the data before hashing them?
In short, they store a number of unique sub-regions of each 'enrollment' (a reading resulting in pixel data). These sub-regions – called 'spots' – can then be hashed and matched against future enrollments to provide a correlation score.
My guess is that they break the fingerprint into very small subsections and use those hashes to compare against. If they get matches in enough consecutive areas, then the phone unlocks.
Some hash functions are designed to produce very different outputs for very minor changes in input. (This is known as "cascade".) Others are designed to produce the same output for similar inputs.
I think the fingerprint reader extracts consistent data from the image of the fingerprint no matter how distorted it is, by, say, looking at the relative position and translating the pattern of whorls into numbers; then that number is hashed.
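The contrast drawn in the replies above, as an added example that is not part of the original thread and does not show Apple's implementation: SHA-256 versus a random-hyperplane locality-sensitive hash, both applied to a constructed feature vector and a slightly noisy re-reading of it. The vector size, noise level and all function names are assumptions made for illustration.

```python
import hashlib
import random
import struct

DIM, BITS = 64, 128  # constructed sizes, not taken from any real sensor

def make_planes(seed=1):
    rng = random.Random(seed)
    return [[rng.gauss(0, 1) for _ in range(DIM)] for _ in range(BITS)]

PLANES = make_planes()  # fixed random hyperplanes shared by every hash call

def lsh_bits(vec):
    """Locality-sensitive hash: one bit per hyperplane (sign of dot product)."""
    return [int(sum(p * v for p, v in zip(plane, vec)) >= 0) for plane in PLANES]

def sha_bits(vec):
    """Cryptographic hash of the exact bytes of the feature vector."""
    digest = hashlib.sha256(struct.pack(f"{DIM}d", *vec)).digest()
    return [(byte >> i) & 1 for byte in digest for i in range(8)]

def hamming(a, b):
    return sum(x != y for x, y in zip(a, b))

def sample_readings(seed=7):
    """Constructed data: an enrolled vector, a noisy re-read, another finger."""
    rng = random.Random(seed)
    enrolled = [rng.gauss(0, 1) for _ in range(DIM)]
    same_finger = [v + rng.gauss(0, 0.05) for v in enrolled]
    other_finger = [rng.gauss(0, 1) for _ in range(DIM)]
    return enrolled, same_finger, other_finger

def compare():
    """Bit differences between the enrolled hash and each later reading."""
    enrolled, same, other = sample_readings()
    return {
        "sha_same": hamming(sha_bits(enrolled), sha_bits(same)),
        "lsh_same": hamming(lsh_bits(enrolled), lsh_bits(same)),
        "lsh_other": hamming(lsh_bits(enrolled), lsh_bits(other)),
    }

if __name__ == "__main__":
    for name, bits in compare().items():
        print(f"{name}: {bits} differing bits")
```

A matcher built on the locality-sensitive hash would accept a reading when the bit difference falls under a chosen threshold, whereas the SHA-256 difference says nothing about how similar two readings are.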