Ignite 2015: Windows Hello

Session: BRK2324

  • Shared secrets are easily breached
  • Passwords are easily replayed and phished
  • See previous “Microsoft Passport” session I blogged about for more info
  • Security without convenience is dead in the water
  • Keys are ideally generated in hardware TPM, software as last resort
  • Single unlock gesture provides access to multiple credentials
  • Browser support via JS/Webcrypto APIs to create and use Passport users

Windows Hello

  • Supports biometric authentication
  • Convenient device logon and strong user authentication
  • Enterprise level security and access to high impact data and resources via Microsoft passport
  • Consistent inbox user enrollment

Biometric Steps

  • Enrollment Steps – Face, iris, and fingerprint share the same design
  • Usage – Authentication
  • Recovery – User can delete enrollment data. Stored strictly on local device.

Enrollment – Find a face, discover landmarks, detect head orientation, build & secure vector based template

Recovery – After 5 failures it falls back to PIN or another auth method. After 32 failures the TPM is locked.

There’s an option to improve face recognition where it will take additional data points

It can also use fingerprints and will use between 21 and 40 points, all stored locally on the device

Only supports a single face mapped to a single account. No multiple faces for a single account.

Authentication vs. Identification

  • Not every biometic modality is created equal
  • False acceptance rate
  • False rejection rate
  • Liveness and anti-spoofing – Can detect dead fingers and high res photos
  • Windows hello demonstrates false rejection rate of 1/100000
  • Windows Hello False rejection rate is 2-4%
  • Windows Hello requires liveness detection and anti-spoofing
  • Microsoft has captured 13K faces for a representative sample

Microsoft Hello Camera can work without visible light. It operates on IR. Speaker demod showing a picture and phone to the camera and it did not work.

Microsoft goal is to make biometics non-susceptible to spoofing, offline attacks, etc.



Print Friendly, PDF & Email

Related Posts

Notify of
Inline Feedbacks
View all comments