Cryptology ePrint Archive: Report 2017/1177

Reusable Authentication from the Iris

Benjamin Fuller and Sailesh Simhadri and James Steel

Abstract: Mobile platforms use biometrics for authentication. Biometrics exhibit noise between repeated readings. Due to the noise, biometrics are stored in plaintext increasing risk if a device is compromised. Since biometrics cannot be regenerated or refreshed, they will be reused, increasing the impact of such a compromise. Fuzzy extractors derive a stable cryptographic key from biometrics (Dodis et al., Eurocrypt 2004). Previous works claim biometric key derivation systems using fuzzy extractors but these works either assume an adversary model where plaintext biometric storage is secure or have incorrect analysis. In addition, no construction handles the case of biometric reuse.

The goal of this work is to derive keys from an actual biometric with formal and explicit conditions for security. We focus on the iris due to its strong uniqueness (Prabhakar, Pankanti, and Jain, IEEE S&P 2003). We build an iris key derivation system with 45 bits of security even when the iris is reused. Our starting point is sample-then-lock, a recent fuzzy extractor due to Canetti et al. (Eurocrypt 2016). Achieving satisfactory parameters requires modifying and coupling the image processing and cryptographic algorithms. Our system is based on repeated hashing which simplifies incorporating multiple factors (such as a password).

The construction is implemented in C and Python and is open-sourced. This system is fast enough for use on desktop applications with successful authentication usually completing within .30s.

Category / Keywords: key derivation; fuzzy extractors; authentication

Date: received 1 Dec 2017, last revised 14 May 2018

Contact author: benjamin fuller at uconn edu

Available format(s): PDF | BibTeX Citation

Note: Major revisions: new discussion of prior work, further statistical/security analysis, second implementation.

Version: 20180514:143457 (All versions of this report)

Short URL: ia.cr/2017/1177


[ Cryptology ePrint archive ]