[cryptography] Generating passphrases from fingerprints

Jon Callas jon at callas.org
Sun Dec 5 04:26:23 EST 2010


The short answer is that you can't do that.

All forms of biometrics are inexact. The input is a picture, and pictures are never exactly the same from time to time. The picture might not be optical, but it's a picture, no matter how it's gotted. The input picture is compared to a set of reference pictures, and a comparison comes back as to whether it's close enough to the reference.

In contrast, other forms of authentication are (in general) exact. Even if someone's password is a stupid one like "puppies", an attacker is not going to get in with "babydogs". It is very easy to do math to turn an exact input into an exact, cryptographically useful result -- like turning a passphrase into an AES key.

It is very difficult, nigh unto impossible, to take an inexact input like a biometric and turn it into something exact and cryptographically useful. Jonathan Katz mentioned fuzzy extractors, but they're not a mature technology. 

I know someone who did a very nice extractor for fingerprints. It was very elegant, but it's maximum entropy was about 18 bits, and typically more like 9. Once you knew how the algorithm turned a fingerprint into a key, the search space was small and not evenly distributed. In fact, it wasn't much harder to compute a rainbow table than to do a single search.

	Jon




More information about the cryptography mailing list