Topic: Private key from biometric data? (Read 276 times)

My statements regarding how fingerprint scanners work are factual and can be confirmed with a simple web search. My statements regarding turning fingerprints in to private keys are hypothetical since (to my knowledge) this has never actually been done.

As I explained in my post which you quoted, it is not an issue with encoding the fingerprint, but rather an issue with reliably reproducing the same result every time.

The first link you gave is simply a method for turning a fingerprint in to a QR code. Irrelevant to this issue of reliability.
The last link you gave is simply a method of generating artificial fingerprints with a hidden message. Irrelevant to the issue of turning real fingerprints in to private keys.
The middle link includes the following statement:

Which confirms what I have said above. If the image of your scanned fingerprint is slightly different, because of noise, angle, pressure, warmth, moisture, ambient lighting, dust, skin aging, damage, scars, whatever, then the whole system falls apart and you will generate a different private key (or in this case, barcode) to the one you generated before.

You can easily set up a system to turn a fingerprint in to a private key. The problem comes when you want to restore that private and cannot reproduce it from your fingerprint because of the above issues.

I think there will be always only 1 private key for every biometrics data. Information encrypted using the private key can be decrypted only with the public key. Only the holder of the private key can encrypt information that can be decrypted with the public key.

May I ask you if it's just your own opinion based on your knowledge or something you have read in reliable sources because I guess you are not a specialist of the matter and your knowledge on the topic is limited as mine. So I think it would be better to provide some sources supporting those conclusions.
From what I see in those articles some methods seem to already exist to encode fingerprints actually.

A Method to Encode the Fingerprint Minutiae Using QR Code https://www.iasj.net/iasj/download/6a869cbba3b0f35d
A Bar Code Design and Encoding for Fingerprints https://www.sciencedirect.com/science/article/pii/S2212017313005719
How to Encode a Secret Message in a Fingerprint https://spectrum.ieee.org/how-to-encode-a-secret-message-into-a-fingerprint

Yes, you're right, I'm starting to understand. It comes down to the low entropy of biometric data.

[[/quote]
But what is to care about here is the entropy(randomness) of the private keys generated this way IMO. Because if the entropy is too weak, hackers will be able to identify ranges of keys likely to be generated and used, and will be able to concentrate their computing power on them. The strength of BTC private keys is too be highly unpredictable and independent from each other. Initially, guessing a random private key is in the same order of magnitude as guessing the geodetic coordinates of a random atom in the whole universe, that won't be the case anymore with a system like that I think.
[/quote]
This is exactly the kind of counter argument I was hoping for. You're right, the entropy of biometric data is too low, it's just not a good starting point.
I guess it could be used to open a wallet in rather secure way if you combine things like heart beat pattern, voice, prints, etc. backing each others up.
But even then, it's not that much of a step forward...

This is different, though.

Let's take fingerprints as an example. When you register your fingerprint with a device, the device is pinpointing various minutiae on your fingerprint, such as where a ridge ends, or where a ridge splits in to two, or joins another ridge, or a small ridge island, and so on. It creates a map of those minutiae points, and stores that in memory. When you scan a fingerprint in the future, it compares the minutiae points to the ones on file and decides whether they are similar enough. Their orientation and the distance between them won't be exactly the same, due to the rotation of your finger, or the angle of your finger, or how hard you press, or how cold/warm your skin is, etc., but if they are close enough then you will get a match.

Now consider trying to restore a private key from a fingerprint. The scan isn't exactly the same, because it never is, and so you generate a completely different private key. Perhaps it measured the distance between two minutiae points to be 49 microns, instead of 50. Or perhaps the angle between two points to be 24.4 degrees instead of 24.5. But with nothing to compare to, where do you go next? You have no way of knowing what part of the process is giving you a different reading, and even if you did, nothing you can realistically do to fix it. Do you just endlessly scan your finger over and over and over and hope that eventually you get an identical picture to the first time?

I wasn't talking about that, I was talking about keeping constant or at least keeping working your biometric ID, as I said it's used since many years in critical areas, for critical things with no public issues reported about that. If the system wasn't reliable it means it would be dangerous to travel abroad with a biometric passport, as it could prevent you from being able to return in your own country.
If you use alternatively 2 or 3 different biometric criteria for the same access/key I don't think anyone could consider it as unreliable. Someone losing his 2 eyes, all his fingers and his voice the same day, is less likely to happen than a bank losing your datas and preventing you from accessing your funds. And I'm not talking about losing the medium(mostly a sheet of paper) where people are storing their seeds currently. So a multisig wallet system or something similar seems to be more than enough for this purpose IMO.

This is probably one of the worst nonsense I heard in a long time.  
Nobody can force me to link anything with my body if I don't want to do that, unless I am in some concentration camp and this is done by force.
You are asking us to trust you and some mysterious future technology to provide anonymity, but in reality you know jack shit about things you are talking about.

I wouldn't say no big issues. There have been facial scanners which have been fooled by a simple photo of the subject. Someone was able to bypass an ultrasonic fingerprint scanner simply by taking a photo of the necessary fingerprint with his phone and then 3D printing a replica, in a process that took him under 3 minutes - https://imgur.io/gallery/8aGqsSu. Biometrics are not secure.

You don't even need to go as far as this.

When cells multiply, as is happening inside your body all the time, they (in general, excluding a few specific types of cells) must copy your entire genome. Although this process is very accurate, it is not 100% accurate, and random mutations, swaps, insertions, deletions, etc., are happening constantly. These mutations often occur in genes which that cell doesn't use, or in non-coding parts of our DNA, or even in a gene it does use but it doesn't affect it significantly, and so on, meaning that the cell isn't faulty and so isn't removed by your body and the mutation lives on. If you took two different samples from the same person at the exact same time and sequenced their DNA, then they will not match 100%.

Now, this doesn't matter for most of the things we use DNA sequencing for. Crime scene investigating, for example. If the DNA matches 99.99999%, then you can be certain it is the same person. The same for screening for genetic diseases, or tracking ancestry, or so on. But for generating private keys it's a far different story. If you don't match exactly (which you never will), then you will not generate the same private key.

It is not a trivial problem to ensure that you can extract the exact same private key from different DNA samples from the same person. And if you figure out a way to do it, then an attacker can do the exact same thing with a few of your dead skin cells which you leave on everything you touch.

DNA has the most variables, but the least skew possibilities from a base standpoint. Making it the most accurate basepoint to start from.
You could do a total collection of let's say a healthy individual no known conditions and all limbs' eyes and stuff intact.
All points of biometric collection you can think of.
Let's say your base figures had a heavy degree of altercation 20 years later.
The same individual now has permanent illness, missing a limb/thumb, no hair and altered DNA from time, lets toss in a radioactive event.
How far has 20 years deviated your base samples?
Could that percentage reproduce the same exact hash/key?
In the end, is it possible to make a reproducible private key from biometric data?
No. If you have one altercation weather its 1% or 1 × 10-99999999%, it will deviate the base biometric data resulting in a different hash/key.

you could map data to key factors and do a conversion and probably get accurate enough to tell someone is the same person as 20 years ago with no issue.
however, a consistent KEY approach wouldn't be valid I don't think a consistent hash function could be achieved at this point in time.

If you are using some sort of hash to reduce biometric data to a short string, there's a risk that such algorithm could be reverse-engineered to brute force large numbers of potential keys. The whole point of private keys is that they are uniformly random, and human biometric data is not random and not uniformly distributed.

If you build such system for yourself and keep it a secret, chances that you will get hacked are low, unless someone will know about it and target you specifically. But if it becomes a popular solution, maybe some company offers it as a service, then hackers will have a lot of incentive to break it.

Surely, we are on the same wave length on functionality with this. Why would anyone even want that? For sure I won't want that and I do my best to keep security measures like Face  ID and Biometrics from my most secured devices or apps. Combinations do a better job as the chnacs of brute forcing it is slim but, when it comes to Face ID and Biometrics, they've got loopholes to which, someone could get your print as you go through your day to day life. Also, Face ID unlocks sometimes malfunction and someone with access to your device while sleeping could as well get access to your stuff.

The private key is as safe as it is or could get. That's why, you wouldn't hear news on its hack or something like that. Where the issues always comes in is in the carelessness of the holder and that's not a fault of the programme.

I don't think the main issue is to be able to keep constant your biometric ID. Biometric identification is not new, it's used since many years in many serious areas and no big issues had been reported concerning that matter afaik. Moreover I don't think it would be very inconvenient to change your key/seed and your wallet every 10 or 15 years(biometric passports are usually valid for 10 years), it would even be a good thing for your crypto safety actually.
But what is to care about here is the entropy(randomness) of the private keys generated this way IMO. Because if the entropy is too weak, hackers will be able to identify ranges of keys likely to be generated and used, and will be able to concentrate their computing power on them. The strength of BTC private keys is too be highly unpredictable and independent from each other. Initially, guessing a random private key is in the same order of magnitude as guessing the geodetic coordinates of a random atom in the whole universe, that won't be the case anymore with a system like that I think.

I'm not aware of any method to accurately and reliably reproduce identical strings from biometric data. A hash function can reduce the size of the input to a much smaller output, sure, but even enormous inputs which differ by only a single data point will produce vastly different outputs.

The only way I could imagine even approaching this would be via DNA sequencing, but even your DNA does not remain constant throughout your life. And of course you leave your DNA on everything that you touch, wear, drink from, breathe on, etc., making it very easy for an attacker to obtain a sample and reproduce your key.

It's not a case of how often does it happen, but rather, why would you use a private key which could be stolen by someone doing something as simple as lifting your fingerprint from something you touched. And most currently used biometric systems are equally easily recreated, from facial recognition to eye scanners.

The solution to that is you use the biometrics as the input to some function which you salt with a password or some other data, and so if the resulting key is compromised you can generate a new one with the same biometics by choosing a new salt. The obvious downside to that is that you have now reduced the security of your system to that of a brain wallet, which are the most insecure wallets in existence.

Thanks! Btw, I added an edit to the post.
Here is my input to your four points:

• A person's biometrics may change over time, resulting in a different key.
  Yes, unless the "reduction process" that you use to obtain that simple string from a huge amount of data, allows to actually obtain a constant string.
  In oher words, despite that the huge amount of data (human body or whatever) evolves, it is still immensly similar to what it was during the last measurement, and thanks to that, I think it could be possible to use a reduction (hasing is a reduction for instance) that spits out the same string. But that's what I wanted to learn about with this post.
• The measurements themselves are not precise enough to generate the same key each time.
  Same argument as previous point. The measurement is not perfect, but the amount of data gathered during the measurement is so immense that, with the right "reduction process", it would counter, from far, inaccuracies.
• Anything that takes the measurements gains access to the private key.
  That seems to be a common fear today, however, I did not mention fingerprints. And, even if we speak about this very narrow thing that fingerprints are, how often do people actually get robed their fingerprints to access their phones, bank accounts, etc...and steal everything with that fingerprint. I am not aware of such a global issue.. Anyway, it is an interesting topic too, but it is not the point of this post.
• The association of a person with their private key cannot be broken.
  You mean that this link is for life, and that's a problem, right? I think you have a point there and this is critical. But I also have a gut feeling that there is a solution to that. I would have to dig deeper though. But for now, you're right that's an obstable.

[/quote]
CHeers!

---

Wheter you like it or not, linking your online possessions to your biological body will happen, because this body of yours is ultimately THE thing that wants these possesions.
But fear not, future tech will make this process anonymous.

---

Hi, and thanks for the answer.

If you could create a string of integer, why wouldn't it be possible to transform it into a private key format?

Btw, I added an edit to the OP.

Cheers

Generation of Cryptographic Keys from Personal Biometrics: An Illustration Based on Fingerprints

Patent No.: US 10,454,677 B1 Oct. 22, 2019
Cryptographic key generation from biometric data

Personally, I think there are problems.

First, the purpose is not clear. It is easy enough to generate a private key from biometric data, as every person has a sufficient number of differentiating features that makes them unique. But, if the intention is to use these metrics directly instead of simply generating a private key, then I see problems.

• A person's biometrics may change over time, resulting in a different key.
• The measurements themselves are not precise enough to generate the same key each time.
• Anything that takes the measurements gains access to the private key.
• The association of a person with their private key cannot be broken.

Why the heck would you even think about doing something like this?!
I never liked using biometric data for anything in life, because it can be big intrusion of privacy and it's not that hard to clone biometric data.
Once this information leaks it's forever and you can't turn it back or change your biometrics, and using this for bitcoin private key would be pure waste of time.

That means that you can only have ONE bitcoin private key in your entire life ... based on your ''unique'' biometrics

First - why? What are you trying to achieve? What is wrong with current methods of generating a private key that you want to do this instead?

Maybe, but it is very high risk. Biometric unlocking systems such as fingerprint scanners on your phone are based on comparing your scanned fingerprint to a registered fingerprint and making sure they are close enough to unlock your device. Close enough is not suitable for generating private keys. Even a single data point being off by the smallest measurable margin will produce a completely different private key.

And even if you did manage to develop a system which can 100% reliably turn your fingerprint in to the same private key every time, then someone else can also do that and therefore utilize the inherent insecurity of biometrics to steal your coins. And of course a very minor injury or even just natural change over time would be enough to break the whole process.

I have limited knowledge on bio-metric data. Theoretically it could be possible to develop a set of integers based of it but I doubt it would be compatible with a private key format.
If it indeed was possible, it would be a bad idea. Besides how many places we touch daily, our finger print is on the database of at least a handful of systems and presents a privacy concern.

Private keys are already unique and constant.

- Jay -

Hi everyone,

I have a question related to building a private key based on biometric data.

Is it possible to build a reproducible ID, or string of characters, from a bunch of biometric measurements?
Given the fact that biological systems (humans in that case), evolve, get damaged, etc..

In the end, is it possible to make a reproducible private key from biometric data?
Because, a private key needs to be unique and constant, as far as i know.

Thanks!

------------------------------------------------------------------------------------------------

Thank you for the answers, but I have neither mentionned bitcoin, fingerprints, nor the intended application, so please do not over interpret my question.

Any biological system is evolving over time, getting damaged, etc... One might be tempted to say that it is impossible to produce a constant string of caracters from such an evolving system. However, because producing the string is an immesse reduction of information, I think it is theoretically possible to create a string that would be constant despite the evolving system.

If you would know of any papers on the subject, I would gladly read them, thanks!