Biometry and Cryptography
Biometrics is always "fuzzy comparison". If I have a password based authentication system, the password is either correct or not. If the PIN/password is difficult enough, one can encrypt data with it. If the authentication system stores a hash of the password, then the device will not "know" the correct password to decrypt my secrets but can verify that the user knows it. Biometrics on the other hand always compares to a reference pattern or model stored somewhere. Most likely biometric authentication systems will make some comparison and then allow or deny access. The reference is in the clear, because (to the best of my knowledge) there is no hash-function out there that will hash your fuzzy fingerprint to a constant value is it accepts and to something random if it rejects. Also note that gummy fingers seem to be incredibly easy make. Also note that biometric measurements are no secrets; you leave your fingerprints on everything you touch. It is also possible to restore the biometric information, given an unlimited number of trials as well as the fitness-score that some systems output.
Given so much things that can go wrong, how could biometry be used to improve security? I became interested in finding a method to transform a fuzzy input signal, like a fingerprint scan, into a constant value (suitable for encryption), if the input fits a certain characteristic (i.e. it was from the right person), and some random output, if it did not have that characteristic. That would solve the problem and allow to encrypt data with your biometric measurements. It also seems to require the combination of machine learning techniques (the algorithms are made to deal with fuzzy inputs) and cryptography.
I found a few existing solutions out there.
A company called Bioscrypt claims to have solved the problem. They call it Biometric Encryption. I have no idea how good it is.
An interesting paper that solves the problem as well is here. They propose a system that allows to retrieve a secret key, if the right inputs are given (i.e. correct fingerprint). The system works based on error correcting codes and a nearest neighbor classifier. This should actualy generalize nicely to arbitrary biometric measurements as long as you can map some noise-resistant features (for fingerprints it would be minutiaes) to something that nearest neighbor with the euclidean metric can deal with.
- Sample images can be independently restored from face recognition templates
- U.S. Patent 6,219,794, issued April 2001: Method for Secure Key Management using a Biometric
- A whitepaper on biometric encryption
- Secure Smartcard Based Fingerprint Authentication
- A fuzzy vault scheme
- Researchers: Distorting biometrics enhances security [CNN.com]