Biometrics and blockchains: the Horcrux protocol [part 3]

In this third and final article of the series (see Part 1 and Part 2), I’ll discuss a new idea - the Horcrux protocol - that will securely link your biometrics and online identity credentials via blockchain technologies.

Most online identity systems are limited in the sense that they can’t be tied to your real-world identity. They fail to provide sufficient levels of assurance needed for full digital identity management. Your driver’s license, passport or other credentials are based on personally identifiable information (PII) tied to your real identity. Several leading blockchain-based identity projects that are trying to achieve full digital identity management via an idea called self-sovereign identity. Many of the self-sovereign identity projects reviewed in part two of this series rely on issuers, who may perform biometric-based identity verification and proofing checks, to create cryptographically sealed identity credentials on a blockchain. At authentication time, the user and relying party use the blockchain-based credentials without the need for an intermediate identity provider. The user (or “holder”) provides a Decentralized Identifier (DID) for the issued credentials to the relying party. The relying party can resolve the blockchain object (a DID Document) to access the user’s credentials, initiate the required authentication steps, and grant authorization (or not).

Storing your biometric data on a blockchain is not advised. Any personally identifiable information should be stored in off-chain storage (e.g., as a verifiable claim) with a cryptographic reference to the data placed on a blockchain for integrity and provenance. One could also divide the biometric data into “shares” using Shamir’s Secret Sharing (or similar algorithms) to further protect the information in separate off-chain records. Secret sharing is a relatively recent technique for dividing up a piece of information into 2 or more shares such that the secret cannot be divulged unless ALL the shares are combined. By securing the shares (hiding, encrypting, etc.), they can be better protected.

In the Harry Potter series, the antagonist, Lord Voldemort, divides his soul and hides the pieces in common objects called “horcruxes” that are hidden around the world.  Lord Voldemort cannot be killed unless all his horcruxes are destroyed first.  Our idea is similar: your biometric data, split into shares, is persisted separately in off-chain storage that you control and sealed via blockchain references for integrity and provenance.  This could provide protection, privacy and availability even in the case of loss of your device and associated keys.

The IEEE 2410-2017 Biometric Open Protocol Standard (BOPS) allows two or more biometric shares to be divided between the mobile device and servers using a secret sharing technique called visual cryptography. In a traditional client-server model, two shares are created upon enrollment of the initial biometric vector (IBV) in which one share is reserved on the mobile device and one is sent to the server. If either share is lost or compromised, the other share cannot be reconstructed, and the original biometric data cannot be recovered either. This secret sharing technique reduces the risk of compromise in case of exposure of either share separately. At authentication time, the shares are combined for match comparison with a candidate biometric vector. Matching can occur on the mobile device or server. According to IEEE 2410-2017 standard, the server’s biometric share is stored in a “persistence cluster” that may be implemented by any storage layer such as an RDBMS, NoSQL database, or distributed file system so long as it meets the encryption requirements for the biometric shares.

The BOPS storage layer can also be implemented using a blockchain-based technology such that separate relying parties could access a share via a blockchain given its identifier (like a DID). During enrollment, an IBV share is stored in an off-chain DID Document and digitally signed by the issuer.  The corresponding DID is then issued to the user and kept on the enrolled mobile device along with the other IBV share.  The blockchain-based share is only accessible via a cryptographic challenge to the mobile device that holds the other share.  At authentication time, the user can give the DID to a new relying party who resolves the DID to the corresponding DID Document containing an IBV share.  The relying party checks the issuer’s signature and authenticates the user’s access to the DID Document (e.g., via a mobile device possession verification similar to FIDO UAF).  Then, the user’s IBV share from their mobile device and the off-chain IBV share are combined and matched to a candidate biometric vector (CBV) for authentication.  The match can occur on the server or mobile device depending on the configuration, policies and jurisdictional regulations.

Your biometric data should be under your control whether on a mobile device or your cloud storage providers.  Secret sharing and asymmetric encryption can help secure the data via blockchain-based verifiable claims for integrity and provenance.  Loss of the device means that the off-chain share is orphaned since the corresponding enrollment private key would also be lost.  We are exploring ways to recover such keys using social recovery or biometric recovery compatible with Key Management Interoperability Protocol (KMIP) standards. 

Ultimately, using blockchains and associated storage providers, institutions no longer need to store customers' personal credentials, diminishing the risk of a mass credentials breach.