On 15.08.2013 18:51, TJ wrote:
I was searching for any hint that GRUB might support using a fingerprint reading device as input for unlocking encryption.
It's not possible to do securely as fingerprints are not secret. In fact, there are plenty of owner fingerprints on the laptop. But encryption key has to be secret. You can't derive secret key from non-secret data only, it would be like writing encryption key on the laptop itself. To retrieve the fingerprint from laptop and reply it into fingerprint reader is within a reach of computer security student with cheap equipment. There is some research in using biometrics to derive keys. Best result is with handwriting: a person writes a secret word on special reader but even this is pretty weak as researches show.
_______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
