A Python implementation of fuzzy extractor
Project description
Fuzzy Extractor
A Python implementation of fuzzy extractor.
Introduction
Fuzzy extractors are a cryptography primitive designed to reliably derive keys from noisy sources. This makes them suitable for areas like biometric authentication where two measurements of the same subject can yield slightly different values. This implementation uses hamming distance as its error metric, meaning that two binary strings will produce the same key with very high probability if their hamming distance is within some given threshold.
The storage and retrieval of keys is performed using a primitive known as a digital locker. More information is available in the references section of this documentation.
Note that this is a probabilistic primitive based on very recent research. Use this library in real security applications at your own risk, ideally after performing some empirical evaluation for your chosen thresholds.
Installing
This library can be install from pip:
$ pip install fuzzy-extractor
Development
This repository comes with a Makefile to help with getting a development environment configured:
$ make help
Usage
Getting Started
This section will cover the basics of using fuzzy extractors. First, we need to create an extractor:
from fuzzy_extractor import FuzzyExtractor extractor = FuzzyExtractor(16, 8)
The extractor we just created will accept 16 byte (128-bit) input values and guarantees that inputs within 8 bits of each other will produce the same key with over 0.9999 probability (see the references for more details).
We’re now ready to generate a key for some input:
key, helper = extractor.generate('AABBCCDDEEFFGGHH')
Note that generate() returned two things: key and helper. The former is the secret that can now be used for further cryptography. The latter does not need to be protected (i.e., it is not a secret), but it does need to be stored somewhere if we want to be able to reproduce the same key later.
As long as we have the public helper, we can reproduce the key with any input close enough to the original:
r_key = extractor.reproduce('AABBCCDDEEFFGGHH', helper) # r_key should equal key
r_key = extractor.reproduce('AABBCCDDEEFFGGHI', helper) # r_key will probably still equal key!
r_key = extractor.reproduce('AAAAAAAAAAAAAAAA', helper) # r_key is no longer likely to equal key
Documentation
See the doc directory for documentation.
References
Canetti, Ran, et al. “Reusable fuzzy extractors for low-entropy distributions.” Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, Berlin, Heidelberg, 2016.
Carter Yagemann
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for fuzzy_extractor-0.3-py2.py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 0b186d21f76333054c8e9b74187803fde1a57371cd31796ecafdd0e1372a5681 |
|
| MD5 | 41c3d1bd73974f3d102d035e2f503730 |
|
| BLAKE2b-256 | 4a565e2032668da1bfc72cf7fa268713c806bb5ff15dedec9b97d3e994529cc1 |
