
As I was studying a paper authored by Anna Romanou with the title "The necessity of the implementation of Privacy by Design in sectors where data protection concerns arise", I came across Ann Cavoukian's proposal on how to use biometrics.

What is stated is to use biometric characteristics as a key to encrypt another credential, such as a PIN, password, or conventional cryptographic keys, and to use the second type of credential for authentication; therefore there is no need to store biometric information, which is extremely sensitive.

So if a software/systems engineer wanted to use this type of cryptography, what algorithms/libraries does he/she have at his/her disposal?

Note: The purpose of this question is to create a public index of libraries and algorithms for this type of encryption in order for our colleagues to use it. For example, a .NET developer can use the X library.

Stephen King
Dimitrios Desyllas
  • Biometrics are generally used for authentication, not encryption. – forest Apr 03 '18 at 12:32
  • But the recommended use for enhanced privacy is to use biometrics for encryption, so that it is not required to store biometrics in any device, but we should reconstruct the key any time it is needed for authentication. – Dimitrios Desyllas Apr 03 '18 at 12:41

1 Answer


They're basically suggesting that you use biometric data as a key to encrypt a larger, more random key for stronger encryption. This is similar to encrypting OpenPGP private keys with a symmetric cipher and a key derived from a passphrase. You could do the same with the output of a biometric device in place of the passphrase.

I think the real benefit to what they're proposing is not the strength of encryption, but enabling the use of biometric authenticators without actually storing the biometric data. This is similar to hashing passwords.

I think you'll find much of the industry moving away from biometrics as a single authenticator, though. They have a major flaw: you can't change biometric identifiers. The NIST Digital Identity Guidelines have a section on using biometrics for authentication that covers the topic in better detail and expertise than I could provide. But a summary of their points would be:

  • The false positive match on biometric scanners is still generally too high to be trustworthy
  • A user's biometrics are tied to their physical person, and generally do not change. While experimental technology exists to revoke a digital identity verified by biometrics, it is still early stage and not widely available
  • Biometrics are not secret, as they can be easily taken by lifting fingerprints or taking a photo of a person (in the case of facial recognition)

Here's a workflow that shows how biometric-based encryption works:

[Figure: How to apply biometric-based encryption]

nbering
  • I think you'll find most software related to biometrics is vendor-specific and related to the device. In terms of output though, it could be generalized in the same way you would a passphrase. I can't say I know of anything specific to this implementation, but as a developer, I probably wouldn't even look for anything. I'd just take the data from the device and feed it into existing cryptographic suites. – nbering Apr 03 '18 at 13:42
  • So for example, the result of a fingerprint reader you can SHA-256 it or SHA-512 it and then use it as a passphrase into an OpenPGP keyring storage, right? In other words, to generate a password from a biometric and use existing key generation algorithms, right? – Dimitrios Desyllas Apr 03 '18 at 13:42
  • That's the general idea, yes. But I'd probably use PBKDF2 instead of a plain SHA algorithm, to maximize the effort needed to break the key. – nbering Apr 03 '18 at 13:45
  • I edited the portion about biometrics not being very trustworthy to reference guidance from NIST. – nbering Apr 07 '18 at 05:19
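
The scheme from the answer and the PBKDF2 comment above, as an added sketch that is not code from the original posts: a random 256-bit key is wrapped under a key derived from the reader's output, and only the salt, wrapped key and tag are stored. It assumes the reader returns the identical byte string on every read; the function names, iteration count and sample templates are constructed for illustration, and the XOR-mask-plus-HMAC wrap stands in for the AES key wrap or AEAD of a vetted library so the example stays within the standard library.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 200_000  # assumed work factor, not from the page; tune to your hardware

# Constructed stand-ins for the byte string a reader would return.
SAMPLE_TEMPLATE = bytes.fromhex("5f3a9c0e71b2d4486a1f0c93e8d7b255")
OTHER_TEMPLATE = bytes.fromhex("5f3a9c0e71b2d4486a1f0c93e8d7b254")  # last bit differs

def _subkeys(template, salt):
    """Stretch the template with PBKDF2, then split into mask and MAC keys."""
    kek = hashlib.pbkdf2_hmac("sha256", template, salt, ITERATIONS)
    mask = hmac.new(kek, b"wrap-mask", hashlib.sha256).digest()
    mac_key = hmac.new(kek, b"wrap-mac", hashlib.sha256).digest()
    return mask, mac_key

def enroll(template):
    """Return (data_key, record). Only `record` is stored; the template is not."""
    data_key = secrets.token_bytes(32)   # the "larger, more random key"
    salt = secrets.token_bytes(16)       # fresh per enrollment, so the mask is never reused
    mask, mac_key = _subkeys(template, salt)
    wrapped = bytes(a ^ b for a, b in zip(data_key, mask))
    tag = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    return data_key, {"salt": salt, "wrapped": wrapped, "tag": tag}

def unlock(template, record):
    """Re-derive the keys from a fresh reading; return the data key or None."""
    mask, mac_key = _subkeys(template, record["salt"])
    expected = hmac.new(mac_key, record["salt"] + record["wrapped"],
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, record["tag"]):
        return None                      # wrong or inexact reading
    return bytes(a ^ b for a, b in zip(record["wrapped"], mask))

if __name__ == "__main__":
    key, record = enroll(SAMPLE_TEMPLATE)
    print("same reading unlocks:", unlock(SAMPLE_TEMPLATE, record) == key)
    print("one-bit-off reading:", unlock(OTHER_TEMPLATE, record))
```

A reading that differs by a single bit derives unrelated keys and is rejected, which is why the stable-output assumption matters.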