Whitespace fix

1 files changed, 25 insertions, 16 deletions

diff --git a/en_GB/Introduction to Information Security/introduction_to_information_security.md b/en_GB/Introduction to Information Security/introduction_to_information_security.md
index 7269b89..67dd769 100644
--- a/en_GB/Introduction to Information Security/introduction_to_information_security.md
+++ b/en_GB/Introduction to Information Security/introduction_to_information_security.md
@@ -4,15 +4,15 @@
 
 ### Security objectives
 
-- Confidentiality
+- Confidentiality  
   Contents of objects cannot be read by third parties.
-- Integrity
+- Integrity  
   Whether or not a message has been modified between origin and receiver.
-- Availability
+- Availability  
   Guaranteed access to the information for permitted parties.
-- Access Control
+- Access Control  
   Only permitted parties are allowed to access the information.
-- Non-repudiation
+- Non-repudiation  
   Proof that an entity was involved in some event.
 
 ### CIA
@@ -26,18 +26,18 @@
 - Confidentiality
 - Integrity
 - Availability
-- Utility
+- Utility  
   Ensures that the information is useful and insensitive to e.g. lost keys.
-- Possession or Control
+- Possession or Control  
   Be sure that the possessor is in control of the information at all times.
-- Authenticity
+- Authenticity  
   Verification of claimed identities. Notice: In most cases, this just proves entities (e.g. machines), not humans.
   Also, there must be a point in time where authentication starts. If this step is taken automatically by a machine (e.g. session start),
   there is no valid inference to the actual human.
 
 ### Secrecy
 
-Confidentiality+.
+Confidentiality+.  
 Not only provides hidden contents, but also hides the fact that there is content at all.
 
 ### Strategy
@@ -80,18 +80,18 @@ As a user, you can be authenticated on the basis of
 
 ### Password protection
 
-- No expiry dates
+- No expiry dates  
   Studies have shown that this results in worse passwords.
-- No restrictions in password alphabet
+- No restrictions in password alphabet  
   Studies have shown that this leads to less possibilities in exhaustive guessing and therefore leads to worse passwords.
-- Set a minimum length instead
+- Set a minimum length instead  
   Has a higher impact than complexity. Set the maximum to at least 64.
 - No hints
-- Show passwords while typing
+- Show passwords while typing  
   Doing the opposite motivates the user to choose shorter passwords.
-- Allow passwords to be pasted
+- Allow passwords to be pasted  
   This enables secure password managers to be used.
-- Forbid commonly used passwords
+- Forbid commonly used passwords  
   Makes dictionary attacks difficult.
 - Limit number of failed password attempts
 
@@ -107,6 +107,7 @@ As a user, you can be authenticated on the basis of
 #### False match rate (FMR)
 
 How often is a false match attempt successful, which it should not be? Best case: $\text{FMR} = 0$.
+It can be interpreted as a measure of quality of the specific scheme. The lower the value, the better.
 
 $\text{FMR} = \frac{\text{\# successful false matches}}{\text{\# attempted false matches}}$
 
@@ -165,6 +166,14 @@ Probability of some sample to match at least one of the entries in the database.
 
 $\text{FPIR} = (1 - \text{FTA}) \times (1 - (1 - \text{FMR})^{n})$
 
+#### Biometrics in remote authentication
+
+*FPIR* scales up with increased *n* (database size), which makes it unusable in remote authentication with large databases.
+
+##### Examples
+
+Using a biometric scheme with $\text{FMR} = 0.01\%$ and a database of size $\text{n} = 80000$ results in $\text{FPIR} = (1 - 0) \times (1 - (1 - 0.0001)^{80000}) = 99.97\%$.
+
 ## Threat scenarios
 
 No security issues without threat models! E.g. a password is considered safe without any provided threat model.
@@ -188,5 +197,5 @@ Victim enters his password and the attacker captures the data forwarded by the f
 #### Countermeasures
 
 - System authentication to the user
-- Display number of failed logins
+- Display number of failed logins  
   Indicates compromised password to the user.