Paper Information

Robust Techniques for Evaluating Biometric Cryptographic Key Generators

Lucas Ballard


Humans are unable to generate and remember strong secrets, and thus have difficulty managing cryptographic keys. To address this problem, numerous proposals have been suggested to enable people to reliably generate high-entropy cryptographic keys from measurements of their physiology or behavior. Typically, evaluators argue that these Biometric Cryptographic Key Generators (BKGs) achieve some notion of security, for example, that the biometric input resists forgery, or that the keys have high entropy. Unfortunately, despite these arguments, many BKGs succumb to attacks in practice.

The goal of this work is to understand why typical security arguments fail to identify practical attacks. We revisit the security requirements of BKGs and show that common arguments overlook practical subtleties. We provide examples of such oversights by examining three general classes of adversaries. First, we study the impact of humans who can replicate other users' biometrics with high accuracy, and demonstrate why typical evaluation techniques fail to identify these forgers. Second, we explore Generative techniques that combine information about a target user with population statistics to create forgeries. We show that these forgeries can subvert BKGs with high likelihood. Third, we propose an algorithm that probabilistically enumerates the key space of a BKG to find a target user's key. We analyze two BKGs, and show that for each, our algorithm has at least a 15% chance of predicting ostensibly 40-bit keys on its first guess. Our exposition brings to the forefront practical ways of thinking about BKG security, and provides a framework for evaluators to study BKGs with adversarial techniques.

Finally, we present Randomized Biometric Templates (RBTs), a BKG that outputs keys with at least as much entropy as keys derived from passwords. RBTs extract entropy not only from biometric inputs, but also from a novel source: how these inputs are measured. Analysis with our strengthened evaluation techniques show that for some users, RBTs result in dramatically stronger keys. In our experiments, 40% of the users were able to generate keys that were at least 230 times stronger than keys derived from passwords alone.